RE: [squid-users] Accelerator Mode question

From: Henrik Nordstrom <[email protected]>
Date: Fri, 31 Mar 2006 13:56:30 +0200

fre 2006-03-31 klockan 08:56 +0200 skrev Paolo Biancolli:

> Thanks for the reply. Does this mean if I need to authenticate to a
> server over ssl through a squid reverse proxy, I won't be able to as the
> ssl session terminates at squid and then a new one starts up to the
> backend server?

You can't use a client-side certificate as user authentication to the
backend server no. But in theory can it be used for identification
purposes to Squid, and Squid can even provide it's own client-side
certificate for authenticating Squid to the backend server.

I say in theory above about client side certificate authentication to
Squid as the implementation of certificate validation isn't fully
finished and some work remains.

> Where can I get the ssl patch from?

devel.squid-cache.org.

Regards
Henrik

Received on Fri Mar 31 2006 - 04:56:42 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:05 MST