RE: [squid-users] Transparent proxy and secure connections

My main use of squid is access control, more than caching. I want to be
able to control secure site connections. At the moment secure
connections are allowed through the firewall, and normal http
connections are being redirected.

If I wanted to implement access control for secure sites, how would I go
about redirecting port 443 through the proxy for the access control
rules.

Would this have to be done manually from the client side (Denying 443 on
the firewall and then manually setting a proxy in the browsing client)?

Brett

-----Original Message-----
From: Hermann Strassner [mailto:hermann.strassner@hama.de]
Sent: 07 August 2002 11:17
To: Squid Mailinglist
Subject: RE: [squid-users] Transparent proxy and secure connections

> I am running squid 2.4stable1 as a transparent proxy, with iptables.
> This only proxies for http (port 80). (It is only possible to have a
> single httpd_accel_port directive.)
>
> I was wondering if it is possible to proxy for secure sites (https) as
> well (ie. Port 443)

The reason for a transparent proxy is caching.

This does not make sense at all for https, because you can't cache
https.

Hermann
Received on Wed Aug 07 2002 - 03:26:20 MDT