[squid-users] R: [squid-users] R: Re: [squid-users] Reverse proxy HTTPS to HTTP, with 2.6

I would like a step by step guide because I havent' time to spend....; also because I already spent 2 weeks to configure squid intergraded in active directory (nt groups authentication instead ip policy) and I can't work full time on squid
Isa at least provide a friendly gui and has tons of documents in particular for reverse proxy.
Until I will find a good guide (or time to spend) I will use isa....

thanks

-----Messaggio originale-----
Da: Joel CARNAT [mailto:joel@carnat.net]
Inviato: venerdì 10 novembre 2006 15.42
A: Reale Marco
Cc: squid-users@squid-cache.org
Oggetto: Re: [squid-users] R: Re: [squid-users] Reverse proxy HTTPS to HTTP, with 2.6

Hi,

isn't this that you want to do:
http://www.mail-archive.com/squid-users@squid-cache.org/msg41994.html

for the authent, I suspect you have to look for NTLM authent.
but I don't know how to (windows) authenticate users from Squid.

On Ven, nov 10 2006 - 14:57, Reale Marco wrote:
> Hi joel and henrik
>
> I'm interested in yours thread. Can you briefly to synthetize all needed steps?
> I would like to configure reverse proxy for my owa (exchange 2003)
>
> Actually this is my configuration
>
> Internet
> |
> |(http requestes redirected to https by isa)
> Dmz - Isa Server 2006 (reverse proxy)
> |(http communication between isa and exchange)
> |
> Internal Exchange 2003
>
>
> 1) When a user write in his browser http://webmail.mycompany.it isa before all redirect http request to https (a certificate is installed on isa) and it allow nt authentication over http (in isa there is a menu in order to enable this future); Isa "speak" through http with my internal exchange server and if user's domain credential are correct, email box is displayed.
>
> Ho can I make the same thing with Squid? I would like to substitute
> isa with squid
>
> Thanks
>
> -----Messaggio originale-----
> Da: Joel CARNAT [mailto:joel@carnat.net]
> Inviato: venerdì 10 novembre 2006 14.23
> A: Henrik Nordstrom
> Cc: squid-users@squid-cache.org
> Oggetto: Re: Re: [squid-users] Reverse proxy HTTPS to HTTP, with 2.6
>
> On Ven, nov 10 2006 - 12:12, Henrik Nordstrom wrote:
> > fre 2006-11-10 klockan 11:57 +0100 skrev Joel CARNAT:
> >
> > > Now that I upgraded to 2.6, I read those options don't exist
> > > anymore and are replaced by options in http_port/https_port.
> > > Publishing HTTP to HTTP is OK but publishing HTTPS to HTTP doesn't work.
> > > I have configured 2.6 as follow:
> > > ##################################################################
> > > ##
> > > ####
> > > http_port 80 transparent
> > > https_port 443 cert=/etc/openssl/certs/server.pem
> > > key=/etc/openssl/private/server.key
> >
> >
> > The above should be
> >
> > http_port 80 defaultsite=your.main.http.website.name vhost
> > https_port
> > 443 defaultsite=your.https.website.name cert=...
> >
> > And then a cache_peer with the origin server option to tell Squid
> > where to forward the requests.
> >
>
> Great, it works - I had to use "vhost" on the https_port too.
>
> Thanks a lot for your help!
>
> Jo
>
Received on Fri Nov 10 2006 - 08:01:52 MST