Jan-Frode Myklebust wrote:
Does squid support being configured as an encrypted (SSL) proxy,
where the connection between client and proxy go over SSL to avoid
f.ex. sniffing of the proxy password and other non-https traffic ?
Squid supports it. The https_port directive can be configured just like
http_port but with SSL certificates etc.
The blocker problem is that client browsers do not support it.
Also, could the proxy authentication then be utilizing client
certificates instead of username/password ?
Authentication? no.
Authorization? maybe. There are some ACL types that can authorize or
deny based on client certificate fields.
Of course you can still do full normal proxy authentication inside the
SSL encrypted requests.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.3
