Search squid archive

Re: reverse proxy and HTTP redirects

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Tue, Dec 3, 2019 at 6:33 AM Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
>
> NP: you have not configured any Elliptic Curve to be used, so all those
> EC ciphers will not be usable. Also you configured some DES based
> ciphers and then disable DES.

I'll review that, thanks.

> The problem is that the client is talking to port 50443 and the service
> is expecting port 8080 in URLs.
>
> The best solution is to have the server and Squid using the same port
> number. Preferably 443 for HTTPS services.

I can't. Both 443 and 8080 are already in use.

> Alternatively you might be able to use the vport= option on https_port
> to set the URL port to 8080. However, this affects *all* inbound traffic
> at that port and any embedded URLs the service sends the client will
> remain broken (contain port 8080).

Whether I use vport=8080 or not, it still fails because the client
gets an HTTP redirection such as:

http://squidserver.local:50443/whatever (without vport=)

http://squidserver.local:8080/whatever (with vport=8080)

Note the http://.
So the client browser is instructed to connect to an HTTP port which
is closed/firewalled.
I would need to somehow rewrite the redirection to something like:

https://squidserver.local:50443/whatever (without vport=)

Vieri
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux