On Wednesday 09 January 2002 16.17, Francis Turner wrote:
> If I want port 443 to be proxied transparently I have to add another
> httpd_accel_port line as well? [I tried this and it breaks the
> transparent proxy completely even for regular http]
You can't intercept port 443 using Squid. For SSL to be proxied the
browser must be configured to use the proxy.
Squid is a HTTP proxy. As such it must be accessed using HTTP clients. For
HTTP clients using it as a proxy it can provide gatewaying or relaying of
other protocols such as FTP, Gopher, SSL. SSL is not HTTP.
> Then as well as that I also need to add a couple of lines like
> never_direct deny localnet localhost
> never_direct allow all
These should probably read
always_direct allow localnet
never_direct allow all
> which should be placed below the "http_access deny all" line?
The relative order of http_access, never_direct and always_direct does not
matter. Only the ordering within each directive and that anything the
directive refers to must be defined above.
> I have also tried this with and without the above httpd_accel_port
> change and https doesn't work.
Probably because you are attempting the impossible.
-- MARA Systems AB, Giving you basic free Squid support Customized solutions, packaged solutions and priority support available on requestReceived on Wed Jan 09 2002 - 12:15:18 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:48 MST