Sorry for answering my own post, but I have found the solution to this problem. So for the benefit of those that might also want to know...

    cache_peer core.example.com parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER name=ssl-www.example.com
    acl wwwssl-name_acl dstdomain www.example.com
    acl wwwssl-port_acl port 443
    http_access allow wwwssl-name_acl wwwssl-port_acl
    cache_peer_access ssl-www.example.com allow wwwssl-name_acl wwwssl-port_acl
    cache_peer_access ssl-www.example.com deny all

The trick is in the fact that if you supply two acls to a cache_peer_access or http_access command, then the two are logically ANDed. So in the above, the http_access and cache_peer_access both require the requested host to be www.example.com AND port 443.
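
The AND behaviour described above, modelled in Python as an added example that is not part of the original post or of Squid itself: it evaluates the post's cache_peer_access rules and, for contrast, a constructed variant that splits the two ACLs across separate allow lines, which ORs them. The function names, the SPLIT rule set and the sample requests are assumptions made for illustration.

```python
# Added example: a minimal model of Squid access-list evaluation.
# Only the dstdomain and port ACL types are modelled; "all" matches everything.

def acl_matches(acl, host, port):
    kind, value = acl
    if kind == "all":
        return True
    if kind == "port":
        return port == value
    if kind == "dstdomain":
        host = host.lower().rstrip(".")
        if value.startswith("."):  # ".example.com" also covers subdomains
            return host == value[1:] or host.endswith(value)
        return host == value
    raise ValueError(f"unmodelled ACL type: {kind}")

def evaluate(rules, acls, host, port):
    """Return the action of the first rule whose ACLs ALL match the request."""
    for action, names in rules:
        if all(acl_matches(acls[n], host, port) for n in names):
            return action
    return None  # no rule matched; Squid's implicit default is not modelled

ACLS = {
    "wwwssl-name_acl": ("dstdomain", "www.example.com"),
    "wwwssl-port_acl": ("port", 443),
    "all": ("all", None),
}

# cache_peer_access rules for ssl-www.example.com, as written in the post.
ANDED = [("allow", ["wwwssl-name_acl", "wwwssl-port_acl"]), ("deny", ["all"])]

# Constructed contrast: the same two ACLs on separate lines are ORed.
SPLIT = [("allow", ["wwwssl-name_acl"]),
         ("allow", ["wwwssl-port_acl"]),
         ("deny", ["all"])]

# Constructed sample requests: (host, port)
REQUESTS = [("www.example.com", 443),
            ("www.example.com", 80),
            ("other.example.com", 443)]

def decisions(rules):
    return [evaluate(rules, ACLS, h, p) for h, p in REQUESTS]

if __name__ == "__main__":
    for label, rules in (("ANDed", ANDED), ("split", SPLIT)):
        print(label, dict(zip(REQUESTS, decisions(rules))))
```

With the ACLs on one line only www.example.com on port 443 is routed to the SSL peer; with the split form all three sample requests are.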