Rif: Re: [squid-users] squid in accellerated mode and edirectory and certificates

From: <[email protected]>
Date: Fri, 16 Nov 2007 14:17:37 +0100

Thank's

But how I can do this ?

My squid release:
Name : squid-beta Relocations: (not relocatable)
Version : 3.0 Vendor: SUSE LINUX
Products GmbH, Nuernberg, Germany
Release : 282 Build Date: Sun 26 Nov 2006
12:11:00 PM CET
Install Date: Fri 16 Nov 2007 10:08:52 AM CET Build Host:
Fatou.suse.de
Group : Productivity/Networking/Web/Proxy Source RPM:
squid-beta-3.0-282.src.rpm
Size : 4912996 License: GNU General Public
License (GPL)
Signature : DSA/SHA1, Sun 26 Nov 2006 12:19:56 PM CET, Key ID
a84edae89c800aca
Packager : http://bugs.opensuse.org
URL : http://www.squid-cache.org
Summary : Squid V3.0 WWW Proxy Server (new version)
Description : A recent development snapshot of the squid V3.0 WWW proxy
server.
Authors: Duane Wessels <wessels@ircache.net>
Distribution: openSUSE 10.2 (i586)

This is my squid.conf:

https_port 443 cert=/home/ilinty/pingu.cert key=/home/ilinty/pingu.pem
capath=/home/ilinty/pingu/ vhost

cache_peer 10.1.0.180 parent 80 0 no-query originserver login=PASS
name=www
cache_peer_domain www 10.1.1.53 sslname=10.1.1.53

cache_peer 10.1.0.199 parent 80 0 no-query originserver front-end-https
proxy-only no-digest login=PASS name=itaca
cache_peer_domain itaca pingu.regione.vda.it

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl portatile src 10.1.70.69/255.255.255.255
acl reteravda src 10.0.0.0/255.0.0.0

#acl certabilitati user_cert O Ravda

http_access allow reteravda
http_access allow portatile
http_access deny all

--------------------

Now I want to add certification authentication to the 2nd site
pingu.regione.vda.it --> 10.1.0.199 (itaca.regione.vda.it)

Can someone help my ?

I don't know also if the options: "no-query originserver front-end-https
proxy-only no-digest" are alle correct ...

Adrian Chadd <adrian@creative.net.au> wrote on 11/16/2007 01:07:23 PM:

> On Fri, Nov 16, 2007, i.linty@regione.vda.it wrote:
> > Hi,
> >
> > I'm new in this mailing list. Greetings to all!
> >
> > Can someone tell me if using squid is possible to make a proxy https
to
> > http in order to securize some intranet sites.
>
> Yes its entirely possible. :)
>
>
>
>
> Adrian
>
Received on Fri Nov 16 2007 - 06:17:49 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST