Ok, perhaps I misunderstood how CONNECT works. When Squid CONNECT's to a remote webserver via HTTPS, the tunnel is created between the user and the remote server.. so is all data sent over HTTPS (from the remote server to the client using the squid proxy)? Thanks, Josh -----Original Message----- From: Baird, Josh Sent: Friday, May 07, 2010 1:17 PM To: 'squid-users@xxxxxxxxxxxxxxx' Subject: HTTPS and Squid Typically, all of our proxy clients connect to our Squid servers via HTTP (TCP/80). If they request a HTTPS site, Squid will CONNECT to the site and tunnel the data back to the client via HTTP. I have a scenario now where the entire stream needs to be HTTPS: <User>----(HTTPS)----<Squid>-----(HTTPS)----<Destination Server on Internet> How would I support this in Squid? Would I need to add a "https_port" and install a SSL certificate on the proxy server? Would the proxy server then decrypt data from the <User> and rencrypt it using <Destination Server's> SSL certificate on the way out to the Internet? Thanks, Josh
