On 15/09/11 04:20, nemus wrote:
Hi I want to create a proxy which encrypts all http traffic to https
Can squid do this ?
Yes, no, and maybe. All at the same time.
Yes - Squid can encrypt traffic. Requires OpenSSL AND a cache_peer link
with "ssl" flags to another proxy which accepts SSL encrypted input (ie
https_port)
No - Squid cannot make the browser use SSL in its communication.
Maybe - Squid can emmit 305 status responses requesting the browser use
a proxy at an https:// location. This has almost no browser support last
time I checked.
Maybe - you can intercept traffic and pass it down an encrypted
cache_peer link.
Overall I think with todays technology its easiest to use a machine
level interface (VPN tunnel) to do the encryption. You can use these for
any traffic and even if you like, point browser->proxy traffic through
one to a Squid https_port.
What would this process be called?
"Encryption". As in; "SSL Encryption", "transport layer encryption",
"encryption gateway", "encrypted proxy tunnel", "encrypted peer", etc.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.15
Beta testers wanted for 3.2.0.11
