Re: [squid-users] Reverse SSL proxy on squid v3

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 23 May 2003 16:31:11 +0200

On Friday 23 May 2003 10.06, DUBOST Gaetan (DSIT-XA) wrote:

> I am trying to configure a reverse proxy on squid v3 :
>
> Client --HTTPS-> Reverse Proxy --HTTP--> Server
> Client --HTTP-> Reverse Proxy --HTTP--> Server
>
> I have two problems :
>
> I)http
>
> http_port 80 accel
>
> The reverse http proxy works but when I shutdown squid
> I get the following error message :
>
> Stopping squid: FATAL: Bungled squid.conf line 62: http_port 80
> accel Squid Cache (Version 2.5.STABLE2): Terminated abnormally.

You are running the wrong Squid version here... make sure you always
run the version you intend to run. Older Squid versions will not be
happy if given a configuration file using directives only existing in
a newer version..

> I've created a self signed certificate and a key with the following
> command
>
> openssl req -x509 -newkey rsa -keyout key.pem -out cert.pem
>
> In my squid.conf I added the line :
> https_port 443 cert=/PATH/TO/cert.pem key=/PATH/TO/key.pem
>
> Squid cannot start and I have no logs neither in access.log nor in
> cache.log...

What does "squid -k parse" say?

> Is there an howto about that kind of configuration ?

Not yet.

You are welcome to write one when you have got all the pieces to work
together.

Note: The functionality you are looking for also exists in Squid-2.5.
There is no need to use the bleeding edge development version to
provide https acceleration. The syntax is slightly different however.

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
If you need commercial Squid support or cost effective Squid or
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Fri May 23 2003 - 08:30:46 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:55 MST