Hi, I'm using "squid" as a reverse proxy to allow the users to connect to exchange 2007 from the outside. All is ok(OWA and RPC overs https) but I would like to know if we can secure the connections with a certificate. I would like that the users must have inevitably the certificate to connect to the Outlook web access. For the moment if I have not the certificate I have a warning from the internet browser (because it 's a self signed certificate ) but I can continue and finally "catch" the owa interface" ... With apache I can use SSLVerifyClient but I don't know if it's possible with squid as a reverse proxy. Otherwise I can enable the option "client certificate require" in the ssl settings for the folder "owa" in IIS 7 but I would like to connect to outlook web access from the internal network without certificate. Below my squid configuration : visible_hostname "hostname" debug_options ALL,1 extension_methods RPC_IN_DATA RPC_OUT_DATA https_port 443 cert=/path/certif.crt key=/path/certif.key cafile=/path/ca.crt \ defaultsite="hostname" cache_peer "exchange_internal_ip" parent 443 0 no-query proxy-only originserver \ login=PASS ssl sslflags=DONT_VERIFY_PEER front-end-https=on name="exchange_hostname" acl all src 0.0.0.0/0.0.0.0 acl owa dstdomain "hostname" cache_peer_access "exchange_hostname" allow owa never_direct allow owa http_access allow owa http_access deny all miss_access allow owa miss_access deny all access_log /var/log/squid3/access.log squid Sorry for my english.. Thanks in advance. Regards.
