Re: [squid-users] SSL between squid and client possible?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 22 Sep 2010 02:33:52 +0000

On Tue, 21 Sep 2010 16:39:53 -0700, "David Parks" <davidparks21_at_yahoo.com>
wrote:
> Can SSL be enabled between client and squid?
> Example: An HTTP request to http://yahoo.com goes over SSL from client
to
> squid proxy, then standard HTTP from squid to yahoo and again secured
from
> squid to client on the way back?
> It seems like this is only possible with reverse proxy setups, not
typical
> proxy forward traffic.
> Just wanted to verify my understanding here.
> Thanks,
> David

Squid will do this happily. https_port is the same as http_port but
requires SSL/TLS on the link.

The problem is that most web browsers won't do the SSL/TLS when talking to
an HTTP proxy. Please assist with bugging the browser devs about this.
https://bugzilla.mozilla.org/show_bug.cgi?id=378637. There are
implications that they might do HTTP-over-SSL to SSL proxies, but certainly
will send non-HTTP there and break those protocols instead.

Amos
Received on Wed Sep 22 2010 - 02:33:57 MDT

This archive was generated by hypermail 2.2.0 : Sat Sep 25 2010 - 12:00:03 MDT