> On ons, 2007-10-03 at 10:40 +0100, Bruce Badger wrote:
>> It's great to see RC releases of Squid 3.0.
>>
>> One of the things I heard would be possible with Squid 3.0 is to have
>> Squid accept HTTPS requests and to pass these on to an origin server
>> as HTTP requests and the reverse effect with responses,
>
> Yes, this has been possible since Squid-2.5, and is still possible in
> 3.0..
>
> see the https_port directive. And the FAQ chapter on reverse proxying.
>
>> I found no mention of SSL or HTTPS on the reverse proxy page.
>
> Right.. certainly deserves to be mentioned there. Any takers for writing
> up that part?
>
I was thinking of it last night with the HTTPS tests.
The problem though was that I don't seem to understand it very well. When
I configured:
https_port 3127 cert=/test/squid.pem key=/test/squid.key
defaultsite=treenet.co.nz
cache_peer *** 80 0 originserver
...
Then requested "https://192.168.0.192:3127/" in the browser to grab from
the test cache. I kept getting squid error pages indicating it could not
connect to "https://treenet.co.nz/"
Is there something that elides the 'https' in the relayed request?
This is the test config I mentioned elsewhere that wouldn't even accept
connections unless visible_hostname matched the encrypted domain inside
the .pem.
Amos
Received on Wed Oct 03 2007 - 20:20:39 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:01 MDT