Hi Amos
Am 18.02.2012 02:29, schrieb Amos Jeffries:
On 18/02/2012 3:09 a.m., Erich Titl wrote:
Hi Folks
cache_peer_access pfaeffikon-ssl allow sites_server_104
Note: cache_peer_access and cache_peer_domain are alternative metods of
deciding whether to service the request there. You can drop one of them.
http_access allow sites_server_104
####################################################################################
Here is an excerpt of the cache.log file
2012/02/17 14:47:07 kid1| Accepting HTTP Socket connections at
local=[::]:8080 remote=[::] FD 15 flags=9
2012/02/17 14:47:07 kid1| Accepting reverse-proxy HTTPS Socket
connections at local=[::]:443 remote=[::] FD 16 flags=9
2012/02/17 14:47:07 kid1| Configuring Parent
pfaeffikon.gever.asp.ruf.ch/8083/0
2012/02/17 14:47:07 kid1| Configuring Parent
To me it looks like the cache peer is not accessed correcly.
Maybe. That config says the peer will only service
http://m278.asp.ruf.ch:443/* URLs. And does so without encryption on the
squid<->peer link.
The goal is to terminate https requests on the proxy and forwarding the
requests for pfaeffikon.gever.asp.ruf.ch to a peer called
m278.asp.ruf.ch on port 8083
I see the requests arriving at the squid host, but it appears that it
does not use the host specified in the peer parameters but uses the name
of the original request host.
Yes. Exactly so. The client is asking for
https://pfaeffikon.gever.asp.ruf.ch/. Squid will attempt to service that
request.
You have told Squid to only accept requests for the domain m278.asp.ruf.ch.
Amos
Of course you were right, I needed to understand the syntax a bit
better. I had the settings the wrong way around.
Thanks
Erich
