Search squid archive

Re: problem to configure reverse proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 14/04/11 22:28, Pascal Bourdais wrote:
Le Fri, 25 Mar 2011 22:44:54 +1300,
Amos Jeffries<squid3@xxxxxxxxxxxxx>  a écrit :

Hi,

Thank you for your answer, and sorry for the very late answer, i've
been out for a very long time.

On 25/03/11 22:09, Pascal Bourdais wrote:


I follow the doc at :
http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate
but it give 1 certificate for 2 sites, and thus the certificat is not
valid when i access the sites.

The point of using a wildcard is that is *is* valid for more than one
domain. It says to the client that it is valid for all *.example.com
domains hosted by that server.

If they are not sub-domains then you will need a chained certificate
(X.509 aliases), or a separate port for each HTTPS receiving domain.

They are all differents domain, i look for this later.
I have the site I want working, the https for the others are still with
apache.

All the wrap are done by my mua. And I correct my config as you suggest.

Is there a way to let them as this, and just let squid act as a switch
between several https sites ?

Only if the certificate can match them all at once. Which I think is not usually possible in one certificate for many domains. Squid does not (yet) have dynamic certificates on its reverse-proxy https_port.
 In theory there is nothing preventing it. Just nobody has coded it.

For now the best way is to allocate each a unique IP and configure Squid with several https_port $ip:443 entries.

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE9 or 3.1.12
  Beta testers wanted for 3.2.0.6


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux