because the destination IP is the actual machine IP.
eg: /etc/hosts
mail.google.com 10.0.0.250
that at 10.0.0.250
as for the ssl certificate, I hope to self sign with a made up root CA.
Nir.
On Tue, Jan 5, 2016 at 9:44 PM, Antony Stone <Antony.Stone@xxxxxxxxxxxxxxxxxxxx> wrote:
On Tuesday 05 January 2016 at 20:30:06, Nir Krakowski wrote:
> how can you combine accel proxy with ssl-bump ?
Have you looked at http://www.squid-cache.org/Doc/config/http_port/ ?
You put the certificate (which would normally be on the web server) on the
Squid server (because that's the machine terminating the request, as far as
the client is concerned).
You can have the connection between Squid and the real web server be HTTP (if
it's over a secure network) or HTTPS, as you wish.
If you don't own the certificate (and therefore can't put it, and it's
corresponding private key, on the Squid server), then why are you doing
accelerator mode?
Antony.
--
Most people have more than the average number of legs.
Please reply to the list;
please *don't* CC me.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
