RE: [squid-users] reverse proxy and squid 2.5/2.6

From: Paolo Biancolli <[email protected]>
Date: Wed, 18 Oct 2006 12:56:59 +0200

Hi,

How will this affect say outlook web access (or any other authentication)?
Does it mean that users will not be able to authenticate to the backend
server properly?

Thanks
Paolo

-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Sent: 17 October 2006 11:45 PM
To: Paolo Biancolli
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] reverse proxy and squid 2.5/2.6

tis 2006-10-17 klockan 15:56 +0200 skrev Paolo Biancolli:

> Is it possible to set up a reverse proxy with squid 2.5 or 2.6 to
> receive https requests on port 443 and have squid make the new request
> to the actual web server also using an ssl connection.

Yes, with 2.6. Very easy. But keep in mind that it terminates the SSL and
then opens a new SSL connection so the certificate seen by the client is the
certificate installed in Squid, and you can't use client certificates
authenticating to the backend web server.

2.5 requires some patching to make SSL backend servers work, and even then
it's a bit messy..

Regards
Henrik
Received on Wed Oct 18 2006 - 04:57:16 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST