On 30.05.2012 14:40, xiaoJay wrote:
Amos Jeffries, Thanks for reply.
I am running a regular proxy.
"So often the "https://"; part is never seen by Squid."
so how can i redirect http and https request to different cache peer?
now, I tried this conf: (use port 443 to distinguish http from https
request )
acl ACL_HTTPS proto HTTPS
acl ACL_HTTPS2 port 443
cache_peer 127.0.0.1 parent 5000 0 name=https_peer no-query
no-netdb-exchange no-delay
cache_peer 127.0.0.1 parent 5001 0 name=http_peer no-query
no-netdb-exchange no-delay
cache_peer_access https_peer allow ACL_HTTPS2
cache_peer_access http_peer allow ACL_HTTP
never_direct allow all
which seems work fine.
and i want to confirm : "is this a valid way?"
Yes.
All Squid gets is a request to setup CONNECT tunnel to a certain
hostname and port (usually port 443 for HTTPS).
The one thing you can't be sure of is that CONNECT is actually passing
HTTP Secure and not some other protocol to port 443.
Amos
