Re: [squid-users] Re: Reverse Proxy SSL + Certificates

From: David Delamarre <[email protected]>
Date: Mon, 13 Dec 2004 17:42:49 +0100

Thanks Henrik

you are right i tried reverse with ssl between client and reverse
proxy ans it is working but if i need a certificate to authenticate to
the backend servers is not working ....
Have you another solution ?

Regards

On Mon, 13 Dec 2004 17:11:39 +0100 (CET), Henrik Nordstrom
<hno@squid-cache.org> wrote:
> On Mon, 13 Dec 2004, Ow Mun Heng wrote:
>
> > Right, exactly as I thought. hence, I presume, with the SSL update, then
> > squid can actually use the generated server-side cert and encrypt the
> > request to be forwareded to the backend server.
>
> Yes, but you still won't be able to use (browser) client certificates to
> authenticate to the backend servers.
>
> To use client certificate based authentication the end-user client must
> talk SSL directly to the server it is supposed to authenitcate to, not a
> surrogate inbetween.
>
> > (hmm.. Now, I need to figure out if Fedora's RPMS are patched for
> > SSL, not that I need it though)
>
> They are not patched with the SSL update, for good reasons.
>
> Regards
> Henrik
>
Received on Mon Dec 13 2004 - 09:42:58 MST

This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:02 MST