[squid-users] reverse proxy for ssl sites

From: Guido Marino Lorenzutti <glorenzutti_at_jusbaires.gov.ar>
Date: Sat, 26 Dec 2009 01:06:28 -0300

Hi people!
Im using squid for reverse proxing a lot of sites for quite a few
years. The thing is that I have severeal sites that i need to give ssl
support and i can't find a way to tell the squid to act the same way
that he acts for the non ssl connections.

This is my setup to work with the non ssl connections. I try and it
dosen't work by just telling to listen also in the port 443. Any links
that can help?

Tnxs in advance.

http_port 80 transparent

cache_dir aufs /var/spool/squid 8000 16 256
cache_mem 25 Mb
cache_swap_low 90
cache_swap_high 95
maximum_object_size 8192 KB
maximum_object_size_in_memory 20 KB

acl accepted_sites url_regex "/etc/squid/accepted_sites"

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

logformat combined %>a %ui %un [%{%d/%b/%Y:%H:%M:%S +0000}tl] "%rm %ru
HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh

access_log /var/log/squid/access.log combined

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl Safe_ports port 80 # http
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow accepted_sites
http_access deny all
http_reply_access deny all
icp_access deny all
Received on Sat Dec 26 2009 - 04:06:43 MST

This archive was generated by hypermail 2.2.0 : Sun Dec 27 2009 - 12:00:01 MST