Re: Accelarator and SSL

From: Henrik Nordstrom <>
Date: Sat, 06 Dec 1997 00:46:34 +0100

Squid can't accelerate HTTPS servers. Squid only listens for HTTP and
not SSL connections.

Why squid does not listens for SSL connections:
1. It is primarily written as a proxy and not as a accelerator, and when
proxying SSL connections is private. Squid only tunnels the SSL request.
2. It squid was to listen for SSL connections in accelerator mode, then
it needs to act as a SSL gateway, either gatewaying SSL->HTTP or
SSL->SSL (one SSL channel between the client and Squid, and a completely
different one between Squid and the server).
3. SSL support is covered by a number of patents and some export
restrictions, making Squid hard to distribute unlimited without charge
if SSL is added.

Henrik Nordström wrote:
> We want to use squid in accelarator mode for an internal webserver running
> https.
>   Does anybody have experience in doing this and could give me some tips on
> possible problems.
> Thanks in advance, Holger
Received on Fri Dec 05 1997 - 16:23:40 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:51 MST