Search squid archive

reverse proxy redirect from http to https

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Greetings,

I am trying to configure my reverse proxy so that serves specific
sites through https. the web server behind this proxy is configured to
listen on both por 80 and 443, the later with its corresponding self
signed certificate and works perfectly as I've already tested it from
a client in the network. but when I test from a client outsited the
network I have to go through my reverse proxy. When I make a request
of the site from http protocol it kicks in an endless loop and finally
the browser just tells me that the site isn't directing properly. In
my access.log I get this

TCP_DENIED/302 324 GET http://webmail.xxx.xx/ - NONE/- text/html
1345131977.839    104 89.248.172.226 TCP_MISS/302 491 GET
https://webmail.xxx.xx/ - FIRST_UP_PARENT/webmail-ssl text/html
1345131981.497      1 89.248.172.226 TCP_DENIED/302 324 GET
http://webmail.xxx.xx/login.php - NONE/- text/html
1345131984.170     97 89.248.172.226 TCP_MISS/302 491 GET
https://webmail.xxx.xx/ - FIRST_UP_PARENT/webmail-ssl text/html
1345131988.055      1 89.248.172.226 TCP_DENIED/302 324 GET
http://webmail.xxx.xx/login.php - NONE/- text/html
1345131990.507     55 89.248.172.226 TCP_MISS/302 491 GET
https://webmail.xxx.xx/ - FIRST_UP_PARENT/webmail-ssl text/html
1345131993.606      1 89.248.172.226 TCP_DENIED/302 324 GET
http://webmail.xxx.xx/login.php - NONE/- text/html
1345131998.211    136 89.248.172.226 TCP_MISS/302 491 GET
https://webmail.xxx.xx/ - FIRST_UP_PARENT/webmail-ssl text/html

I really don't know what I'm missing and I would like some help on
this. This is what I have in my squid.conf right now. I just posted
the relevant parameters the rest is pretty much with default values:

#TAG: http_port
http_port 80 accel vhost
https_port 443 cert=/usr/local/newrprgate/CertAuth/testcert.cert
key=/usr/local/newrprgate/CertAuth/testkey.pem version=3 vhost
protocol=https

#  TAG: cache_peer
cache_peer 10.25.x.x parent 80 0 no-query originserver name=webmail-http
acl sitio5 dstdomain webmail.xxx.xx
acl https port 443
cache_peer_access webmail-http allow sitio5
http_access allow sitio5 https

cache_peer 10.25.x.x parent 443 0 no-query originserver ssl
sslflags=DONT_VERIFY_PEER front-end-https=on name=webmail-ssl
acl sitio7 dstdomain webmail.xxx.xx
acl https port 443
cache_peer_access webmail-ssl allow sitio7
http_access allow sitio7 https

acl site1 dstdomain webmail.xxx.xx
deny_info https://webmail.xxx.xx/ site1

acl port80 proto http
http_access deny port80 site1


http_access deny all



Please help. thanks in advance,

Osmany



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux