Re: SSL

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 29 May 2000 18:15:36 +0200

See http://squid.sourceforge.net/

No idea about the quality of the SSL squid extension, or if it even does
what you want (I think it does, but I haven't actually looked at this
stuff yet..). 

--
Henrik Nordstrom
Squid hacker
Harry MacDonald wrote:
> 
> In my case it is 1b) and no caching :-
> 
> The suggestion is to use Squirm in conjunction with Squid.
>   browsers --> Squirm  --> Squid   --> internal_web_servers
>      Squirm for URL mapping
>      Squid for logging and HTTPS-->HTTP translation
> 
> As I see it :-
> Without the Squirm, there could only be one web server - on the same machine as the Squid.
> Without the Squid there could be no HTTPS-->HTTP translation
> 
> Does anyone know where I can get the patches to Squid for acting as a gateway HTTP<->HTTPS ?
> 
> Harry MacDonald
> 
> >>> Henrik Nordstrom <hno@hem.passagen.se> 05/29/00 04:54PM >>>
> Squirm is not a proxy of any kind, so no. It is a URL
> rewriter/redirector to be used in conjunction with Squid.
> 
> To continue this discussion in a meaningful manner please first define
> what you mean by reverse proxying of HTTPS.
> 
> 1) Where is the SSL encryption & identification to be performed?
>    1a) Between the user agent and the origin server
>    1b) Between the user agent and the reverse proxy, then unencrypted
> between the reverse proxy and the origin server
>    1c) On a hop by hop basis. First between the user agent and the
> proxy, and then reencrypted between the proxy and the origin server
> using another set of SSL keys.
> 
> 2) Do you want any proxy based caching to be involved?
> 
> --
> Henrik Nordstrom
> 
> Harry MacDonald wrote:
> >
> > Does Squirm handle HTTPS ?
> > Could you reverse proxy HTTPS using Squirm ?
> >
> > >>> Henrik Nordstrom <hno@hem.passagen.se> 05/28/00 04:25PM >>>
> > Mikes Roman wrote:
> >
> > > can i use squid like a reverse proxy for HTTPS ? It means i have my web
> > > server inside of firewall and i need tunnel ssl through the firewall from
> > > outside.
> >
> > No, Squid cannot reverse proxy SSL.
> >
> > You are probably better off using a TCP plug like rinetd.
> >
> > Yes, there exists patches to Squid for acting as a gateway HTTP<->HTTPS.
> > Probably not what you want in this case, but it exists.
> >
> > --
> > Henrik Nordstrom
> > Squid hacker
Received on Mon May 29 2000 - 10:21:54 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:36 MST