[squid-users] SOAP client with no SSL client-certificate features

From: D.Veenker <dv_at_veenker.tk>
Date: Tue, 20 Apr 2010 23:25:59 +0200

I am running into the following problem and I think Squid might be just
the solution I am looking for. But I'm not sure about it.

We are developing an application consuming a SOAP-webservice. The
platform we are developing on (4D) does not support SSL with client
certificates. It does support the regular HTTPS features though.

So I was wondering if Squid could help me out, and proxy a regular
plain-http (or https) request from this newly made application to the
webservice implementing the SSL connection with client certificates.

Let's say the url of the webservice is:
https://webservice.domain.com/methods
 From this developed 4D-application I'd like to connect to
http://webservice.domain.com/methods and let Squid do all the SSL
features using client certificate authorization.

Situation:
Application not capable of SSL with client certificates -->> plain
HTTP-request -->> Squid (+ client certificate provided by webservice
company) -->> HTTPS request with client certificate -->> SSL Webservice

And of course vice-versa, but I assume you already guessed that. The
certificates are formatted as .der documents, but I guess I can overcome
the problem when squid does only support a particular format by
converting the certificate.

** Is this type of proxying possible using Squid?
** How do I configure such a situation in Squid?
** What elements need to be compiled with Squid to get these features
implemented?

To be honest I'm an total rookie to Squid so I might need some specific
help, on the other hand not to lazy to get through some docs when you me
point me in the right direction. And last but not least, I have a strong
wish to run Squid on a debian server.

Thanks in advance,
Dolf Veenker - Rotterdam - Netherlands
Received on Tue Apr 20 2010 - 21:26:02 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 22 2010 - 12:00:05 MDT