On 19/01/11 21:41, Hakan Cosar wrote:
Hello, we are trying to get reverse proxy work for Windows SBS 2008. Active-Sync and OWA works fine on SBS. I've exported the certificate from SBS as .pfx and converted it to .pem format. The Domain name remote.sci.de is not public; instead we use the public IP-Address. Any idea? Cosar --squid.conf---------------------------------------------------------------- visible_hostname revproxy
Visible hostname is supposed to be the public hostname by which the public see your proxy machine identified. I would expect it to be "remote.sci.de" in this case.
debug_options ALL,1 extension_methods RPC_IN_DATA RPC_OUT_DATA https_port 192.168.50.199:443 accel cert=/etc/squid/cert/sbs2008.pem key=/etc/squid/cert/sbs2008.key defaultsite=remote.sci.de cache_peer 192.168.5.34 parent 443 0 no-query originserver login=PASS front-end-https=on name=exchangeServer
You need at minimum to flag "ssl" on the cache_peer line to turn on SSL encryption on that link.
acl owa dstdomain remote.sci.de cache_peer_access exchangeServer allow owa cache_peer_access exchangeServer allow all never_direct allow owa http_access allow owa http_access allow all miss_access allow owa miss_access allow all --squid.conf---------------------------------------------------------------- Cache.log says: 2011/01/18 16:24:57| Squid Cache (Version 3.0.STABLE20): Exiting normally. 2011/01/18 16:24:58| Starting Squid Cache version 3.0.STABLE20 for i386-redhat-linux-gnu...
<snip>
2011/01/18 16:24:59| storeLateRelease: released 0 objects -----BEGIN SSL SESSION PARAMETERS----- MFECAQECAgMBBAIAhAQABDAgagjWSe3u/7aXYFMw117Ty+i+g2VyHR1hRYLV/PND yxtyiDO7NYN7MVbNoZ+TOw6hBgIETTWxLqIEAgIBLKQCBAA= -----END SSL SESSION PARAMETERS----- 2011/01/18 16:26:54| TCP connection to 192.168.5.34/443 failed
Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.10 Beta testers wanted for 3.2.0.4
