RE: [squid-users] SSL Acceleration

From: Hamid Hashemi Golpayegani <hamid@dont-contact.us>
Date: Thu, 15 Mar 2001 23:49:43 +0330

as Henrik said before it is cause of SSL structure coding .

--
Regards
    ============================================================
   /  Seyyed Hamid Reza    /        WINDOWS FOR NOW  !!            /
  /  Hashemi Golpayegani  /  Linux for future , FreeBSD for ever  /
 /    Morva System Co.   / ------------------------------------- /
/  Network Administrator/ hamid@morva.net   ,   ICQ# : 42209876 /
===========================================================
 
-----Original Message-----
From: HUNT_STEVE [mailto:HUNT_STEVE@smc.edu]
Sent: Thursday, March 15, 2001 11:09 PM
To: 'Kieran Skinner'
Cc: 'squid-users@ircache.net'
Subject: RE: [squid-users] SSL Acceleration
Yes, you're right, I guess it can't do that (cache or even proxy in
accelerator mode)
I understand why it can't cache SSL stuff, but I wonder if there is any
fundamental reason it couldn't be able to proxy it?
Squid SSL:
http://squid.sourceforge.net/projects.html#ssl
> -----Original Message-----
> From: Kieran Skinner [mailto:kieran.skinner@xal.co.uk]
> Sent: Thursday, March 15, 2001 10:06 AM
> To: squid-users@ircache.net
> Subject: RE: [squid-users] SSL Acceleration
> 
> 
> I didn't think that squid could accelerate SSL sites, I 
> thought that the
> very nature of SSL prevented it from doing that.
> 
> -----Original Message-----
> From: HUNT_STEVE [mailto:HUNT_STEVE@smc.edu]
> Sent: 15 March 2001 17:15
> To: 'Kieran Skinner'; squid-users@ircache.net
> Subject: RE: [squid-users] SSL Acceleration
> 
> 
> 
> I would like to do that too, but it is my understanding that 
> it can't be
> done in Squid (someone tell me that I'm wrong!)  
> 
> In your case could you run SSL on the Internal Target Sites 
> too?  I think
> Squid can do that. 
> 
> Or require that your users have IE and a Microsoft OS then 
> you can use NTLM
> authentication, which is (more) secure.
> 
> What I wanted to do is let outside users authenticate to 
> Squid then relay
> traffic through our IP address space to 3rd party websites 
> that require
> IP-authentication.  I think I am out of luck so far as SSL.
> 
> There is a open source product that claims to do the SSL 
> translation you
> want, called DeleGate, http://www.delegate.org/delegate/ 
> which I have not
> used myself.
> 
> Steve Hunt
> 
> > -----Original Message-----
> > From: Kieran Skinner [mailto:kieran.skinner@xal.co.uk]
> > Sent: Thursday, March 15, 2001 7:32 AM
> > To: squid-users@ircache.net
> > Subject: [squid-users] SSL Acceleration
> > 
> > 
> > Hello, 
> > 
> > I would like to use squid as an external front end to a 
> > series of Internal
> > sites.  Where the external client authenticates to the squid 
> > server and the
> > squid server then does some trickery to display internal 
> > content.  Obviously
> > I am not to keen on sending pretty much (near as damn it) clear text
> > username and password across the Internet so would like to 
> use SSL for
> > Client to SQUID communications.
> > 
> > i.e.
> > 
> > Client ======>  External Visible Squid Accelerator 
> =========> Internal
> > Target Site
> >         SLL                         NO SSL
> > 
> > The connection between the SQUID server and the target server 
> > does not use
> > SSL.  Only the connection between the client and the squid 
> > server would use
> > SSL.  The only reason I want to use SSL between the Client 
> > and the Squid
> > server is to encrypt the username and password.  
> > 
> > 
> > I already have it working fine without the SSL piece of the 
> > puzzle, is the
> > SSL piece possible, how?
> > 
> > 
> > Thanks
> > 
> > Kieran Skinner
> > 
> 
Received on Thu Mar 15 2001 - 13:18:16 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:39 MST