Re: [squid-users] ssl connections from Emilio Casbas on 2004-03-30 (squid-users)

From: Emilio Casbas <ecasbas@dont-contact.us>
Date: Tue, 30 Mar 2004 17:34:04 +0200

Henrik Nordstrom wrote:

>On Tue, 30 Mar 2004, Emilio Casbas wrote:
>
>
>
>>Ok, then to do a forwarding path is it possible:
>>
>>1. Via "cache_peer_access "
>>
>>
>
>Yes.
>
>
>
>>2. Via "acl name method"
>>
>>
>
>cache_peer_access requires acls.
>
>
>
>>3. any more?
>>
>>
>
>Browser configuration (usually via proxy.pac files) to use a specific
>proxy for SSL and troublesome sites.
>
>Regards
>Henrik
>
>
>
Ok,

we've probed the configuration:

acl SEGURAS method CONNECT
cache_peer proxy-balancing-load parent 8080 0 default no-query
cache_peer proxy-only-ssl parent 8080 0 no-query

cache_peer_access proxy-only-ssl allow SEGURAS
cache_peer_access proxy-balancing-load deny SEGURAS

and all is working ok!.

But, would it possible that the acl wasn't method type else
dstdomain type?.
Because only a little sites don't work correctly with secure connections
and only will be need for these sites.

Thanks
Emilio C.

application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Tue Mar 30 2004 - 08:34:11 MST

This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:03 MST