RE: [squid-users] SSL Acceleration

Yes, you're right, I guess it can't do that (cache or even proxy in
accelerator mode)
I understand why it can't cache SSL stuff, but I wonder if there is any
fundamental reason it couldn't be able to proxy it?

Squid SSL:
http://squid.sourceforge.net/projects.html#ssl

> -----Original Message-----
> From: Kieran Skinner [mailto:kieran.skinner@xal.co.uk]
> Sent: Thursday, March 15, 2001 10:06 AM
> To: squid-users@ircache.net
> Subject: RE: [squid-users] SSL Acceleration
>
>
> I didn't think that squid could accelerate SSL sites, I
> thought that the
> very nature of SSL prevented it from doing that.
>
> -----Original Message-----
> From: HUNT_STEVE [mailto:HUNT_STEVE@smc.edu]
> Sent: 15 March 2001 17:15
> To: 'Kieran Skinner'; squid-users@ircache.net
> Subject: RE: [squid-users] SSL Acceleration
>
>
>
> I would like to do that too, but it is my understanding that
> it can't be
> done in Squid (someone tell me that I'm wrong!)
>
> In your case could you run SSL on the Internal Target Sites
> too? I think
> Squid can do that.
>
> Or require that your users have IE and a Microsoft OS then
> you can use NTLM
> authentication, which is (more) secure.
>
> What I wanted to do is let outside users authenticate to
> Squid then relay
> traffic through our IP address space to 3rd party websites
> that require
> IP-authentication. I think I am out of luck so far as SSL.
>
> There is a open source product that claims to do the SSL
> translation you
> want, called DeleGate, http://www.delegate.org/delegate/
> which I have not
> used myself.
>
> Steve Hunt
>
> > -----Original Message-----
> > From: Kieran Skinner [mailto:kieran.skinner@xal.co.uk]
> > Sent: Thursday, March 15, 2001 7:32 AM
> > To: squid-users@ircache.net
> > Subject: [squid-users] SSL Acceleration
> >
> >
> > Hello,
> >
> > I would like to use squid as an external front end to a
> > series of Internal
> > sites. Where the external client authenticates to the squid
> > server and the
> > squid server then does some trickery to display internal
> > content. Obviously
> > I am not to keen on sending pretty much (near as damn it) clear text
> > username and password across the Internet so would like to
> use SSL for
> > Client to SQUID communications.
> >
> > i.e.
> >
> > Client ======> External Visible Squid Accelerator
> =========> Internal
> > Target Site
> > SLL NO SSL
> >
> > The connection between the SQUID server and the target server
> > does not use
> > SSL. Only the connection between the client and the squid
> > server would use
> > SSL. The only reason I want to use SSL between the Client
> > and the Squid
> > server is to encrypt the username and password.
> >
> >
> > I already have it working fine without the SSL piece of the
> > puzzle, is the
> > SSL piece possible, how?
> >
> >
> > Thanks
> >
> > Kieran Skinner
> >
>
Received on Thu Mar 15 2001 - 12:36:22 MST