Search squid archive

HTTPS intercept sent to cache_peer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I'm trying to setup squid to be a load balancer, and provide redundancy, to other anonymous proxies. Everything works fine for HTTP, but when trying to use HTTPS squid falls back to http. Some sites don't allow you to browse or login without HTTPS.

My Setup is:

/---> AnonProxy1 ---->Final destination
Client ---> MyProxy  -*--->  AnonProxy2 ---->Final destination
\---> AnonProxy3 ---->Final destination



Ideally between squid MyProxy and AnonProxy I'd like HTTP CONNECT (RFC2616 ) tunnel to be setup. Does anyone have an example configuration for this? If I setup my client to connect directly to AnonProxy1 HTTP and HTTPS work fine. I don't have any control or ability to change configuration of AnonProxy.



acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl SSL_ports port 443
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 3128

hierarchy_stoplist cgi-bin ?


coredump_dir /var/spool/squid

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

# anonymous proxy cache peers
cache_peer X.X.1.1 parent 8800 0 round-robin
cache_peer X.X.2.2 parent 8800 0 round-robin
cache_peer X.X.3.3 parent 8800 0 round-robin

http_port 3129 intercept
https_port 3130 intercept key=/etc/squid/squid.key cert=/etc/squid/squid.crt


Thanks,

karl




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux