On mån, 2008-06-23 at 10:44 -0400, Gary Tai wrote: > Is there any requirement to configure Squid to forward SSL requests > apart from configuring the appropriate port (typically 443)? You also need a matching ssl enabled cache_peer if forwarding to port 443 on the web server. TYpically a setup looks like the following: acl http protocol http acl https protocol https http_port public.ip:80 accel defaultsite=your.main.sitename vhost acl servergroup_domains dstdomain your.main.sitename other.sitename ... cache_peer ip.of.web.server parent 80 0 no-query originserver name=servername_http cache_peer_access servername_http http servergroup_domains https_port public.ip:443 accel defaultsite=your.main.sitename sslcert=/path/to/main.sitename.pem cache_peer ip.of.web.server parent 443 0 no-query originserver ssl name=servername_https cache_peer_access servername_https https servergroup_domains If you have multiple servers with the same content then the same acl is used for them all.. (hence the severgroup_ notation above..) Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
