Search squid archive

is squid in accelerator mode able to request client certificates for authentication?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

we are using squid (3.0)  in accelerator mode using https:
https_port 443 cert=/etc/squid/cert.pem key=/etc/squid/key.pem defaultsite=mail.domain.de cache_peer 10.1.1.1 parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=mail.domain.de
...some acls...
this is working fine.

Now our customer wants to add a little bit security by authenticating the clients on the internet using client certificates. Is it possible to make squid request a client certificate (and if it is- how)? Or does the "real server" have to request the certificate? I didn't find something like that in the docs - if I missed that, please give me a hint where to find it.

client (internet) -----> squid (DMZ) 		-----> real server
client-cert?                 check if client
                                     cert is valid?

--
Reiner


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux