Re: [SQU] SSL with httpd_acceleration

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 28 Feb 2001 22:04:02 +0100

https servers cannot normally be accelerated due to the SSL encryption.

What can be done with a patched development version of Squid is to move
the SSL engine from the web server to Squid. See
http://squid.sourceforge.net/projects.html#ssl.

Most likely your RH 7.0 server has a https server installed, and it is
the certificate from this https server your browser is receiving.

--
Henrik Nordstrom
Squid hacker

Thimal Jayasooriya wrote:
> 
> Hi all,
>       After lurking for quite some time, and reading all the posts on
> this subject, I still haven't found a definitive answer to my question..
> so, please do tell me to RTFM or the archive if it's available
> somewhere...
>     My question is,
> I've set up Squid as a httpd accelerator (RH 7.0, Squid 2.3 stable
> 4). However, the most recent requirement is that the backend
> webserver, IIS, also process some SSL requests. Unfortunately,  I
> get an error message at the client browser saying that the
> certificate is invalid.. and that the host is not trusted.. basically,
> that SSL doesn't work..it works fine when I go direct to the
> webserver, btw..
> However, I do get a certificate from localhost.localdomain (the
> default cert. from RH installation) when I go through Squid... which I
> thought was weird.. anyway...
> has anyone on this list actually tried to accelerate a webserver that
> handles SSL.. is it even possible.. ? After reading posts that are
> related, my feeling on this is that Squid can't handle SSL because
> it is after all, just an HTTP proxy, not for anything fancy like
> HTTPS.. in which case, I'd really like to know of a workaround or
> alternately a means to modify the Squid source to allow this...I'm
> quite willing to wade through C source code to get this done,
> assuming my C knowhow is adequate, of course ;o)
> 
> I've already tried url_regex with always_direct for https, with no
> luck...
> 
> Any information appreciated..
> Thanks in advance,
> Thimal
> 
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Wed Feb 28 2001 - 14:13:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:16 MST