Hi, I've been using Squid 2.6/7 for a while as a redirecting proxy for developers to preview their changes as if they are looking at production websites. Now I need to support rewriting SSL requests as well and this has brought me to investigate Squid 3.2/3.1 As both of these seem very new and alot seems to have changed, I'm hoping you can help point me in the best direction. I understand that 3.2 has the DynamicSSLCert feature and that a patch exists for 3.1 as well- which would be the prefered way to implement this for semi production/internal users? Is there any way to restrict which sites get bumped and which do not? I also understand that redirect_program has been replaced with url_rewrite_program but the interface seems to be fairly backwards compatible- any gotchas to look out for? Will the url_rewrite_program have access to the decrypted https request? If so, will the rewrite program be able to rewrite the request and still send it over HTTPS? Have their been changes in Active Directory integration for proxy authentication? Currently I'm using NTLM and Basic authentication+winbind but not without issues. I understand there are some changes regarding SMP. Currently I run multiple instances of Squid with different configurations(http_port, redirect_program). Can I consolidate this any with the newer versions? I'd be interested in sharing the authentication helpers, but still having different http/https ports and rewrite configurations. Thanks in advance, Yonah
