I am trying to make the following work
client https -> squid https -> origin server
I keep getting
client https -> squid http -> origin server
trying to make ssl connection to 10.x.y.2
here is what I have in squid.conf
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
http_access deny !Safe_ports
http_access allow all
icp_access allow all
http_reply_access allow all
http_port 80 accel vhost
cache_peer 10.x.y.2 parent 80 0 no-query originserver
cache_peer 10.x.y.135 parent 80 0 no-query originserver
cache_peer 10.x.y.139 parent 80 0 no-query originserver
coredump_dir /usr/local/squid/var/cache
https_port 443 vhost cert=/usr/local/squid/etc/servercert.pem
key=/usr/local/squid/etc/serverkey.pem
cafile=/usr/local/squid/etc/cacert.pem
cache_peer 10.x.y.2 parent 443 0 no-query ssl proxy-only originserver
login=PASS sslcert=/usr/local/squid/etc/servercert.pem
sslkey=/usr/local/squid/etc/serverkey.pem sslflags=DONT_VERIFY_PEER
front-end-https=on
cache_effective_user squid
cache_effective_group squid
cache_mgr roconnor@co.ba.md.us
ssl_unclean_shutdown on
Thanks!
Received on Fri Aug 20 2004 - 13:24:09 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT