On Thursday 31 July 2003 16.25, David Gibson wrote:
> 1) SSL all the way through from client, through proxy, to server,
> with no decryption between client & server. (Just a relay).
No.
Squid has no interest in providing this kind of service. A plain TCP
plug or NAT is what you want for this kind of service. There is no
good reason to involve Squid in this.
> 2) SSL from client to proxy, clear text from proxy to server.
Yes.
> 3) SSL from client to proxy, decrypt & re-encrypt to server
> (classic man-in-the middle, but gives opportunity to inspect
> traffic)
Yes, with Squid-3.0, or Squid-2.5+ssl update patch available from
http://devel.squid-cache.org/.
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Thu Jul 31 2003 - 11:32:36 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:22 MST