On 15/11/2011 12:01 a.m., Deepak Rao wrote:
Hi,
I have a requirement in which I would like to convert a HTTP request
(going via squid proxy) to be converted into HTTPS - thus squid proxy
can handle the ssl handshake and any mutual certificate validations.
To elaborate:
- I have a application which tries to contact an external website (abcdef.com)
- The request goes via squid proxy (port 3128)
- If I can have a configuration is squid proxy which checks for
external hostname (abcdef) and to such requests, it converts the
requests into an HTTPS call.
- Now the external website abcdef.com's ssl handshake is handled by
squid proxy, which also decrypts the response& the decrypted response
is given back to my application.
Is this possible in squid proxy?
Maybe.
If you really do mean only one website (or a small number), then you can
do it with a cache_peer link exactly like you would a reverse-proxy config:
cache_peer abcdef.com parent 443 0 originserver ssl no-query
acl abc dstdomain abcdef.com
cache_peer_access abcdef.com allow abc
If you need it for many or variable sites (ie every website). Then no.
Squid needs to be configured explicitly to add SSL wrapping
per-destination.
Amos