On 16.05.2012 09:20, Sylvio Cesar wrote:
Hi,
- It possible do cache of port 443 with SSL Reverse Proxy?
Yes.
- What is the advantage of doing reverse proxy SSL if the squid does
not make
SSL cache?
SSL offloading away from the WWW server. When the WWW server is doing a
lot of dynamic content generation any reduction of CPU can benefit
overall.
Plus all the other scaling advantages of reverse-proxy. There is
nothing special about SSL reverse-proxy other than the traffic arrives
over a secure channel.
- You can startar two instances of squid, and the second
instance is a squid.conf https_port doing reverse proxy with SSL?
This is because the workstations of the environment here has two
firefox profiles (firefox a profile in common, and the other by means
of a
web application that uses port 443) for this reason it would be
deployed two instances of squid.
Yes. But why two Squid? One instance can do multiple input modes and is
simpler to operate. The method the client uses to configure the proxy is
largely irrelevant to the proxy.
AND, if there is a browser configured to use the proxy it is *NOT* a
reverse-proxy. It is a forward-proxy.
reverse-proxy is when there is only DNS records pointing at a domain
name serviced by the proxy pretending to be a web server.
The question begs, if the squid does not cache SSL as
SSL reverse proxy, what is the advantage of using squid as proxy
Reverse SSL?
Question is irrelevant. Caching happens on all cacheable content.
TLS/SSL does not determine cacheability.
Amos
