Re: [squid-users] fedora, squid, cisco, transparent proxy and https/ssl

From: James Gray <james_gray@dont-contact.us>
Date: Thu, 20 Jan 2005 11:14:07 +1100

On Thu, 20 Jan 2005 09:47 am, Flip Johnson wrote:
> Hi Everyone,
>
> We have squid 2.5 setup and working beautifully as a transparent proxy. Our
> cisco firewall/router redirects the traffic outbound on port 80 to the
> squid box and it in turn is filtered and sent on it's merry way.
>
> Our problem lies with the https traffic, which we are not rerouting at the
> cisco box because we realize that squid can't and shouldn't proxy that type
> of traffic. The problem is, on and off we seem to have reliability with our
> ssl connections. It appears to be an issue when a site redirects from an
> insecure to secure page, such as when you are checking out at an ecommerce
> site.
>
> Does anyone have any ideas? Thank you VERY MUCH.
>
> Phil Bartelme

We have an authenticating proxy (as opposed to transparent) and send http and
https (ports 80/443) via the squid proxy. We don't have any problems with
SSL traffic (it is just passed through and not cached) but it does allow us
to audit the activity of our users.

Have you tried (just for kicks) to redirect the SSL traffic via squid too?

Not much help sorry, but just wanted to let you know that https/SSL via squid
does work ;)

Cheers,

James

Received on Wed Jan 19 2005 - 18:36:44 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 07 2005 - 12:59:35 MST