ons 2007-02-14 klockan 11:27 -0600 skrev Rob Squid:
> I have some hosts that I am accelerating
> http and https traffic on the same host. Do I need to have a
> cache_peer line for both http and https?
You need a cache_peer per backend server:port you want Squid to forward
request to.
> How can I differeniate the two?
By assigning names to the cache_peer lines (name= option), and using
cache_peer_access to select what gets forwarded where.
> acl CP_Port port 80
> acl CP_Port_SSL port 443
I would use protocol instead, but that's me..
> http_port 172.30.5.5:80 accel vhost
> https_port 172.30.5.5:443 accel vhost cert=/etc/ssl/squidCerts/cert.crt key=/etc/ssl/squidCerts/key.key
> acl CP_Site dstdomain site.domain.com
> cache_peer 192.168.5.5 parent 80 0 no-query login=PASS originserver connection-auth=on name=site
> cache_peer_access site allow CP_Site CP_Port
> cache_peer 192.168.5.5 parent 443 0 no-query ssl sslflags=DONT_VERIFY_PEER front-end-https name=site_ssl
> cache_peer_access site_ssl allow CP_Site CP_Port_SSL
Looks reasonable to me.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Thu Mar 01 2007 - 12:00:01 MST