Search squid archive

Second ssl website on squid3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello!
 
I'm having trouble figuring out how to do solve this.
 
Right now i'm using squid 3.1.9 as reverse proxy with these configurations left by the old administrator:
 
This is working for what we want but now i need to do this for a second website (webmail.server1.pt) and can't seem to get it working.
I can get the target server working with https only(not allowing http traffic) but when i add the reverse proxy (squid3) in the middle, it stops working.
 
thanks in advance!
 
squid.conf
 
visible_hostname www.server1.pt 
 
acl purge method PURGE
acl CONNECT method CONNECT
acl SSL method CONNECT
 
acl CP_HTTP proto HTTP
acl CP_HTTPS proto HTTPS
 
cache_peer_access dc2_64 deny !CP_HTTP
cache_peer_access dc2_64_ssl deny !CP_HTTPS
 
acl all src all
acl manager proto cache_object
 
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
 
acl server1 dstdomain www.server1.pt 
 
http_access allow all
acl https port 443
http_access allow https
 
acl SSL_ports port 443
acl Safe_ports port 80  
acl Safe_ports port 21  
acl Safe_ports port 443 
 
http_access allow manager localhost
http_access deny manager
 
http_access deny !Safe_ports
 
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
 
http_port 80 protocol=http defaultsite=www.server1.pt  vhost
acl regular_acl port 80
acl http proto http
 
https_port 443 sslBump  protocol=https  accel defaultsite=server1.pt cert=/etc/squid3/ssl/server1.crt key=/etc/squid3/ssl/server1.key cafile=/etc/squid3/ssl/CACHAIN.crt
acl secure_acl port 443
http_access allow secure_acl
 
cache_peer 1.1.1.1 parent 80 0 no-query originserver forceddomain= name=www round-robin
cache_peer_domain www www.server1.pt server1.pt
cache_peer_access www allow regular_acl
 
cache_peer 1.1.1.1 parent 443 0 no-query originserver name=wwws originserver ssl sslflags=DONT_VERIFY_PEER
cache_peer_domain wwws www.server1.pt server1.pt
cache_peer_access wwws allow secure_acl
 

cache_dir ufs /var/spool/squid3 100 16 256
 
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
 
access_log /var/log/squid3/access_server1.log combined server1
 

logfile_rotate 15
 
emulate_httpd_log on
 
coredump_dir /var/spool/squid3
 
refresh_pattern ^ftp:		   1440    20%     10080
refresh_pattern ^gopher:	    1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0	 0%	  0
refresh_pattern (Release|Packages(.gz)*)$	  0       20%     2880
 
refresh_pattern .			   0  	 20%	 4320
 
cache_effective_user proxy
httpd_suppress_version_string on
 
cache_effective_group proxy
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux