Dear Amos and Yuri, thanks a lot for your answers.
Sorry for the mess, I'm novice here.
As it turned out my proxy is not transparent...
As it turned out my proxy is not transparent...
By "some reasons" I meant clients' experience reasons, let me explain.
I use explicit proxy and my clients connect to proxy using iPhone only.
I use explicit proxy and my clients connect to proxy using iPhone only.
I installed self-signed certificate on every iPhone and made login/pass authentication.
It works perfect for wi-fi connection, because in this case iPhone gives a possibility to specify proxy domain, port, login and password.
It works perfect for wi-fi connection, because in this case iPhone gives a possibility to specify proxy domain, port, login and password.
However to make them connect to proxy using mobile internet I had to install APN profile on each iPhone. Inside APN profile I can specify domain and port, but not login and pass
(APN doesn't have such settings). So when client opens browser using mobile internet he is
asked for login/pass every time. This situation is not appropriate for me so I can't use login/pass.
I'm thinking that maybe it's possible to replace login/pass authentication with certificate authentication.
I want to authenticate users using a digital certificate they already have on their iPhone.
I found some articles about certificate authentication for reverse proxy, but can't find anything about explicit one.
Is it possible?
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
