Re: [squid-users] SSL issue

From: Henrik Nordstrom <[email protected]>
Date: Tue, 21 Aug 2007 00:20:44 +0200

On mån, 2007-08-20 at 15:04 -0700, Srinivas B wrote:
> Hi Henrik,
>
> Yes I use it like a reverse proxy. problem is..., we http server. now
> we want to support https users also for the same server. since squid
> sits in front of web server.., i guess its not allowing https
> requests.

Ok.

> how should i enable it..., when I am ready with HTTP-SSL server as
> origin server.

To proxy https Squid needs to terminate the SSL. This is what https_port
does. The http request is also fed as an https:// URL to the Squid proxy
engine.

The backend web server do not need to run https, but it helps in certain
configurations (but costs more CPU).

The ssl option to cache_peer directive tells Squid to use https to the
backend web server.

To select wich cache_peer a request is sent to use cache_peer_access.
This can use acls based on pretty much anything, including if it's http
or https..

To define multipe cache_peer to the same host but different ports use
the name= option.

Regards
Henrik
Received on Mon Aug 20 2007 - 16:20:56 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:03 MDT