I've added myself to that bug and given it my interest. Do you know of any browses for which you can connect to squid over a secure https_port? I tried setting it up to learn about the limitations, but can't connect to the https_port using firefox, ie or safari. Thanks, Dave -----Original Message----- From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] Sent: Wednesday, September 22, 2010 10:34 AM To: squid-users@xxxxxxxxxxxxxxx Subject: Re: SSL between squid and client possible? On Tue, 21 Sep 2010 16:39:53 -0700, "David Parks" <davidparks21@xxxxxxxxx> wrote: > Can SSL be enabled between client and squid? > Example: An HTTP request to http://yahoo.com goes over SSL from client to > squid proxy, then standard HTTP from squid to yahoo and again secured from > squid to client on the way back? > It seems like this is only possible with reverse proxy setups, not typical > proxy forward traffic. > Just wanted to verify my understanding here. > Thanks, > David Squid will do this happily. https_port is the same as http_port but requires SSL/TLS on the link. The problem is that most web browsers won't do the SSL/TLS when talking to an HTTP proxy. Please assist with bugging the browser devs about this. https://bugzilla.mozilla.org/show_bug.cgi?id=378637. There are implications that they might do HTTP-over-SSL to SSL proxies, but certainly will send non-HTTP there and break those protocols instead. Amos
