Search squid archive

SSL termination problem - squid's requests using https

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm converting a reasonably large configuration from squid v3 to squid
v4 and I'm having a problem with SSL termination. I'm clearly missing
something but I haven't been able to work out what. I'm using openssl
not gnutls.

Using the following:

https_port 4277 accel defaultsite=<THE_BACKEND_SITE>
cert=/etc/pki/tls/site.crt key=/etc/pki/tls/site.key
options=NO_SSLv2,NO_SSLv3,CIPHER_SERVER_PREFERENCE
cipher=<A-GIANT-LIST-OF-CIPHERS>

sees https requests to port 4277 connect fine, but squid tries to
reach the backend using https as well which fails because it is
serving http only.

using the following:

https_port 4277 accel defaultsite=<THE_BACKEND_SITE>
cert=/etc/pki/tls/site.crt key=/etc/pki/tls/site.key
options=NO_SSLv2,NO_SSLv3,CIPHER_SERVER_PREFERENCE
cipher=<A-GIANT-LIST-OF-CIPHERS> protocol=http

sees port 4227 act as an http port (no ssl) but the requests to the
backend from squid are correctly made via http. (protocol=HTTP/1.1 has
the same effect).

Is there an option to have squid make HTTP requests on behalf of HTTPS
requests from clients?

-- 
Sam Holden
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux