On 14/02/11 22:28, Javier wrote:
Hello, i need to put site1 and site2 in ssl mode. (the sites work fine internaly whith https://) through Reverse proxy. here, the actual .conf: acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst ip_of_DMZ/24 acl valid_dst dstdomain .domain1.com acl valid_dst2 dstdomain .domain2.com acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow to_localhost http_access allow localhost http_access allow valid_dst http_access allow valid_dst2 http_access deny all http_port 80 vhost ..... cache_peer ip_of_site1 parent 80 0 no-query originserver name=site1 cache_peer_domain site1 site1.domain1.com cache_peer ip_of_site2 parent 80 0 no-query originserver name=site2 cache_peer_domain site2 site2.domain2.com cache_peer ip_of_site_3 parent 80 0 no-query originserver name=site2 cache_peer_domain site3 site3.domain2.com .... that change has to do to squid3 for site1 and site2 work on https?
To accept https:// you need to add an https_port on 443 with the public SSL certificates for the domain.
To make the squid3 -> origin links use SSL update their cache_peer port number and "ssl" flag.
http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate#Squid_Configuration_File Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.11 Beta testers wanted for 3.2.0.5
