I'm converting a reasonably large configuration from squid v3 to squid v4 and I'm having a problem with SSL termination. I'm clearly missing something but I haven't been able to work out what. I'm using openssl not gnutls. Using the following: https_port 4277 accel defaultsite=<THE_BACKEND_SITE> cert=/etc/pki/tls/site.crt key=/etc/pki/tls/site.key options=NO_SSLv2,NO_SSLv3,CIPHER_SERVER_PREFERENCE cipher=<A-GIANT-LIST-OF-CIPHERS> sees https requests to port 4277 connect fine, but squid tries to reach the backend using https as well which fails because it is serving http only. using the following: https_port 4277 accel defaultsite=<THE_BACKEND_SITE> cert=/etc/pki/tls/site.crt key=/etc/pki/tls/site.key options=NO_SSLv2,NO_SSLv3,CIPHER_SERVER_PREFERENCE cipher=<A-GIANT-LIST-OF-CIPHERS> protocol=http sees port 4227 act as an http port (no ssl) but the requests to the backend from squid are correctly made via http. (protocol=HTTP/1.1 has the same effect). Is there an option to have squid make HTTP requests on behalf of HTTPS requests from clients? -- Sam Holden _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
