RE: [squid-users] SSL and Reverse Proxy

From: Brad Taylor <[email protected]>
Date: Tue, 24 Aug 2004 17:27:53 -0400

I updated my Squid install with the SSL update.
I'm still having trouble getting this to work. Here is what I have.

http_port 80
httpd_accel_host 192.168.60.100 (SSL web server)
httpd_accel_port 80 the web site at the page will redirect the SSL to
port 443
httpd_accel_single host on
httpd_accel_with_proxy on
httpd_accel_uses_host_header off

https_port 433 cert=/path/cert.pem
sslproxy_client_certifacate /path/cert.pem

http_access allow all

Even though I use the IP address of squid I'm sent to the origin server
(192.168.60.100)

What am I doing wrong?

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Friday, August 20, 2004 7:10 PM
To: Brad Taylor
Cc: Chris Perreault; squid-users@squid-cache.org
Subject: RE: [squid-users] SSL and Reverse Proxy

On Fri, 20 Aug 2004, Brad Taylor wrote:

> 1. The browser opens an SSL connection directly to the origin server.
> I do not want this as I want to use the cache for images.
>
> 2. The browser tunnels the request through Squid with the CONNECT
> request method.

2 is not relevant in reverse proxies.

> Will caching work with this? How is this setup?

Nope.

What you need is Squid-3.0, or Squid-2.5 + SSL update + a bit of
tweaking
as Squid-2.5 does not have the same flexible reverse proxy configuration

as Squid-3.0 does.

Regards
Henrik
Received on Tue Aug 24 2004 - 15:27:55 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT