[squid-users] Re: Redirecting before certificate handling

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 25 Sep 2007 19:05:43 +0200

On tis, 2007-09-25 at 09:31 -0700, Srinivas B wrote:

> I know that squid can't have multiple certs for single [IP]:port.

True, due to SSL being at the TCP level, long before the HTTP request is
known.

There is some recent extensions to SSL to overcome this restriction of
SSL, but it has not yet gotten widespread support in the browsers, and
also no support in Squid yet..

> Also
> I cant tell squid that use this port for this domain name, and other
> port for other domain (to use multiple https_port).

Sure you can. Squid supports as many https_port directives as you like.
Best result if you have one IP per domain.

> Is there anyway that I redirect requests coming to abc.mydomain.com to
> xyz.mydomain.com without showing the end user a security warning
> message (domain mismatch).

?

Regards
Henrik

Received on Tue Sep 25 2007 - 11:05:56 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:03 MDT