On 05/21/2018 10:22 AM, Carlos Cesar Caballero Díaz wrote: > Right now I am working against a squid proxy wich is using SSL/TLS > (encrypted browser-squid connection) and as you know there are a lot of > applications that does not work with this kind of proxy configuration. > In other ocations, I have been able to avoid some proxy issues > installing a local squid and using cache_peer, so that my local squid > handle the nasty parent configurations and my applications can work > cleanly against the local instance. So, can I use cache_peer against a > parent proxy whish is using SSL/TLS for encrypted browser-squid > connection? An if it is possible, How? Do you want to configure your Squid proxy to use proxy B as a parent when proxy B insists on all connections to it being encrypted? If yes, please see the various cache_peer options that start with letters "tls" and "ssl": > ==== SSL / HTTPS / TLS OPTIONS ==== > > tls Encrypt connections to this peer with TLS. ... I have not tested the HTTPS parent setup discussed above, but it looks like it should work in principle. Please note that, AFAIK, Squid does not support HTTPS parents for many SslBump configurations that require looking at TLS server Hello packets -- there is currently no support for TLS inside TLS. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
