Hi,
I'm trying to setup squid to be a load balancer, and provide redundancy,
to other anonymous proxies. Everything works fine for HTTP, but when
trying to use HTTPS squid falls back to http. Some sites don't allow
you to browse or login without HTTPS.
My Setup is:
/---> AnonProxy1 ---->Final
destination
Client ---> MyProxy -*---> AnonProxy2 ---->Final destination
\---> AnonProxy3 ---->Final
destination
Ideally between squid MyProxy and AnonProxy I'd like HTTP CONNECT
(RFC2616 ) tunnel to be setup. Does anyone have an example
configuration for this?
If I setup my client to connect directly to AnonProxy1 HTTP and
HTTPS work fine. I don't have any control or ability to change
configuration of AnonProxy.
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
# anonymous proxy cache peers
cache_peer X.X.1.1 parent 8800 0 round-robin
cache_peer X.X.2.2 parent 8800 0 round-robin
cache_peer X.X.3.3 parent 8800 0 round-robin
http_port 3129 intercept
https_port 3130 intercept key=/etc/squid/squid.key cert=/etc/squid/squid.crt
Thanks,
karl