Search squid archive

Re: Can squid acted as a application SSL proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



李春 wrote:
> Thanks for your reply.
> 
>> Date: Fri, 28 Nov 2008 16:19:36 +1300
>> From: squid3@xxxxxxxxxxxxx
>> To: chunli5ren@xxxxxxxxxxx
>> CC: uhlar@xxxxxxxxxxx; squid-users@xxxxxxxxxxxxxxx
>> Subject: Re:  Can squid acted as a application SSL proxy
>>
>> 李春 wrote:
>>> Thanks for you help.
>>> But I am sorry you may mistook my meaning entirely.
>>> I do not need the http proxy and cache functionality of squid.
>>> I just wander that if the squid can receive the client SSL connetion( or packages)
>>> , decode it and tranfer the data with no SSL to the server as a transparent layer.
>>> squid using SSL may be like this: 
>>> --------
>>> http data
>>> --------
>>> SSL
>>> --------
>>> TCP/IP
>>> --------
>>> But I wonder if the squid can act like this
>>> --------
>>> my application data
>>> --------
>>> SSL
>>> --------
>>> TCP/IP
>>> --------
>>> Thanks very much.
>>> yours,
>>> Pickup.Li
>>>
>> You seem to misunderstand the network layering concept.
>>
>> You want something that connects to clients using HTTPS (HTTP/SSL) and
>> connects them to your application using plain HTTP?
>>
>> The name for such configuration is "reverse proxy".
>> http://wiki.squid-cache.org/SquidFaq/ReverseProxy
>>
>> Only the front listening port is configured with https_port instead of
>> http_port.
>>
> Yes. I want to build ReverseProxy of squid. 
> And I have manage to build it with "https_port" in my environment.
> But my client is not web explorer but a application.

No problem as long as your application speaks proper HTTP. If it speaks
another protocol it should not being going through Squid.

> 
> 
>> caching is optional.
>>
>> The action of wrapping/unwrapping SSL requires proxy of some type,
>> sometimes called tunnel agents.
>>
> Yes. You get it. I just want the "wrapping/unwrapping SSL requires proxy"
> and wander if squid can be configuratured as it. 
> if any other exist open source project major in it, Please let me know.
> I am very appreciated for your help.

"stunnel" may also apply. It's a generic tunnel creator though so I
don't know if its applies as a general receiving agent.

Amos


>>>> Date: Thu, 27 Nov 2008 15:54:08 +0100
>>>> From: uhlar@xxxxxxxxxxx
>>>> To: squid-users@xxxxxxxxxxxxxxx
>>>> Subject: Re:  Can squid acted as a application SSL proxy
>>>>
>>>> On 27.11.08 09:45, 李春 wrote:
>>>>
>>>> Please configure your mailer to wrap lines below 80 characters per line.
>>>>
>>>>> I have a client/server application program and want to add SSL module to
>>>>> it to secure the data transferring on the network. I wander that if I can
>>>>> use the squid as a SSL proxy between client and server. The squid will
>>>>> configurated as a reserve proxy and located in the application server's
>>>>> environment. The client and squid contact with SSL connection. Just like
>>>>> this:
>>>>> <-(no SSL)-- <-(SSL)--
>>>>> Server Squid client
>>>>> --(no SSL)-> --(SSL)->
>>>>>
>>>>> I know squid can act as web proxy like this using "https_port". But I am curious that if I can make use of squid like this.
>>>> Yes, that's what https_port is for. Just properly configure squid as reverse
>>>> proxy.
>>>>
>>>> -- 
>>>> Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
>>>> Warning: I wish NOT to receive e-mail advertising to this address.
>>>> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
>>>> I wonder how much deeper the ocean would be without sponges. 
>>> _________________________________________________________________
>>> 新版手机MSN,新功能,新体验!满足您的多彩需求!
>>> http://mobile.msn.com.cn
>>
>> -- 
>> Please be using
>> Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
>> Current Beta Squid 3.1.0.2
> _________________________________________________________________
> MSN热搜榜,每天最In的信息资讯和热点排行让您一览无余!
>  http://top.msn.com.cn


-- 
Please be using
  Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
  Current Beta Squid 3.1.0.2

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux