[SQU] SSL Gatewaying

From: John Castillo <john@dont-contact.us>
Date: Tue, 20 Feb 2001 11:41:47 -0800

Henrik... anyone... help!

i have a need to setup a transparent proxy for external users.
basically these external users would want to access internal resources
limited by ACLs placed in squid. i can do this already, but the
transparent proxy only works for http and not https enabled resources.
likewise, if i specify a proxy.pac file and use normal proxy mode, squid
can be used to access both http and https sites. unfortunately,
manually configuring ANY clients will prove to be overly cumbersome.
i've read the many posts on the mailling list and Henrik has always
explained that squid does not do https in transparent mode. however,
some ppl have said that if you apply the SSL gatewaying patch by Benno
Rice, that you could pull it off.

so... followed the link at http://squid.sourceforge.net but the link for
SSL gatewaying is stale and the new website has little information. my
question is this.

if i were to figure out how to setup SSL gatewaying with squid,
1 - would i then be able to setup a transparent proxy that would
CLIENT <---over https---> SQUIDPROXY <---over http---> INTERNALRESOUCE ?

2 - if 1 is true, then how do i retreive the SSL patch ? (i'm very
unfamiliar with CVS)
i am currently using squid-2.3.STABLE4-1

3 - provided that communication between the client and the squidproxy
would preferrably be secure (and in my case encrypting the traffic would
be the only financially viable solution), would (1) be a good solution?
communication between squidproxy and internal resource is assumed to be
private and secure.

john castillo

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Tue Feb 20 2001 - 12:43:16 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:05 MST