> As I said, you can't do that. Transparent proxying of SSL traffic is
> not supported by Squid (or any proxy I know of).
>
> I believe Henrik has mentioned in the past that it would be possible
> with some coding in Squid (basically hacking every SSL request into a
> CONNECT transparently). If you must have it, I reckon you could hire
> Henrik or someone else to implement it for you. It is considered to be
> a rather ugly hack by most or all of the developers, so it is unlikely
> that any will ever spend time on developing such a feature for fun.
>
> COLSON Arkadi wrote:
> > I just want to make it transparent the users can select direct connection in
> > the browser settings
> > I just did another test and I found out this.
> > If I set the https-proxy in the browser settings to 10.1.5.100 port 3128(so
> > directly without any redirection), then it works, but I don't want that.
I have my redirect set up only for port 80, which leaves the SSL
traffic up to the NAT/Firewall to route. Since squid doesn't know how
to cache SSL data, it's useless to pass the load onto it. Since you
are using a private class subnet I assume you have some type of
MASQ/NAT setup?
-justin
-- Justin M. Parker --------/ \ o--- Systems Administrator -----/ \ | http://www.pneumatek.com Pneumatek, Inc. ---\ / http://www.thetekshop.com | (417)264-4800 ---\ / ---oReceived on Thu Jun 13 2002 - 16:10:47 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:41 MST