Re: [squid-users] Enabling SSLGateway

From: Richard Barrett <[email protected]>
Date: Wed, 12 Nov 2003 08:37:47 +0000

Henrik

Just for closure now the system is now up and running as we wanted and
I have a moment to relax.

On Friday, November 7, 2003, at 04:18 pm, Henrik Nordstrom wrote:

> On Fri, 7 Nov 2003, Richard Barrett wrote:
>
>> My objective is to use Squid as an https reverse proxy front ending an
>> Apache server. Squid is happily terminating incoming https connections
>> from the browser and making http requests to the Apache server. But I
>> want the requests from Squid to Apache to also use https so that Squid
>> is functioning as a transparent https 'gateway'.
>
> The easies way of doing this in Squid-2.5 is to use the Apache as a
> "parent" to your Squid with the ssl cache_peer flag.
>
> cache_peer your.apache.server parent 80 0 no-query ssl
> never_direct allow all
>

This worked OK but I had to change the parent port to 443 from 80.

Many thanks for your help.

Richard

> Another way is to use a redirector helper to rewrite the accelerated
> URLs
> to https://...
>
> In Squid-3 this is considerably easier and works a bit better (except
> for
> the fact Squid-3 is still under development and is somewhat of a moving
> target..)
>
> Regards
> Henrik
>
>
-----------------------------------------------------------------------
Richard Barrett http://www.openinfo.co.uk
Received on Wed Nov 12 2003 - 01:37:51 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:14 MST