On 15/09/18 5:49 AM, John Refwe wrote: > Hi, > > I have a couple of questions about the squid https_port. > > 1) Does it only exist for transparent connections? I know if I want to > have a transparent proxy that can accept requests TLS requests, I need > to have the port be a https_port rather than a http_port, but is that > what it was created for? https_port is for receiving port 443 https:// (HTTP over TLS) rather than port 3128 or 80 http:// (HTTP over TCP). > > 2) How come the https_port does not support receiving proxy protocol? > Perhaps I'm misunderstanding a bit here, but I thought that HAProxy > supports sending it before instantiating a TLS connection? HAProxy does, Squid does not (yet). Mainly because OpenSSL was the code receiving TLS handshakes. SSL-Bump changes that somewhat, but has not stabilized enough yet to integrate PROXY protocol into the new TLS parser. Patches welcome. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
