On 16.05.2012 09:20, Sylvio Cesar wrote:
> Hi,
>
> - It possible do cache of port 443 with SSL Reverse Proxy?
Yes.
>
> - What is the advantage of doing reverse proxy SSL if the squid does
> not make
> SSL cache?
SSL offloading away from the WWW server. When the WWW server is doing a
lot of dynamic content generation any reduction of CPU can benefit
overall.
Plus all the other scaling advantages of reverse-proxy. There is
nothing special about SSL reverse-proxy other than the traffic arrives
over a secure channel.
> - You can startar two instances of squid, and the second
> instance is a squid.conf https_port doing reverse proxy with SSL?
>
> This is because the workstations of the environment here has two
> firefox profiles (firefox a profile in common, and the other by means
> of a
> web application that uses port 443) for this reason it would be
> deployed two instances of squid.
Yes. But why two Squid? One instance can do multiple input modes and is
simpler to operate. The method the client uses to configure the proxy is
largely irrelevant to the proxy.
AND, if there is a browser configured to use the proxy it is *NOT* a
reverse-proxy. It is a forward-proxy.
reverse-proxy is when there is only DNS records pointing at a domain
name serviced by the proxy pretending to be a web server.
>
> The question begs, if the squid does not cache SSL as
> SSL reverse proxy, what is the advantage of using squid as proxy
> Reverse SSL?
Question is irrelevant. Caching happens on all cacheable content.
TLS/SSL does not determine cacheability.
Amos
Received on Tue May 15 2012 - 23:54:45 MDT
This archive was generated by hypermail 2.2.0 : Wed May 16 2012 - 12:00:04 MDT