[squid-users] SSL Proxy

From: Tisdale, Shea - Raleigh, NC - Contractor <Norris.S.Tisdale@dont-contact.us>
Date: Tue, 22 May 2007 08:51:20 -0500

I'm trying to set up Squid to serve as a standard proxy in front of an
application that uses both HTTP and HTTPS to communicate. Our
application uses HTTP port 9999 to communicate with Squid, and then Squid
communicates out to the world. HTTP out to the world is working fine,
but HTTPS doesn't work at all. What am I missing?

This is my config.

# Squid configuration as posted. http_access rules are evaluated top to
# bottom and the first rule whose ACLs all match decides the request, so the
# order of the http_access lines below is significant.

# Debug level 1 for all sections, level 2 for section 33.
debug_options ALL,1 33,2
# Port on which the application connects to this proxy.
http_port 9999
# Never cache URLs whose path contains "cgi-bin" or "?".
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

# Generic ACLs: any IPv4 source, cache-manager requests, the loopback client.
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255

# Client networks that are allowed to use this proxy (address redacted in the post).
acl sourcesvrs src XXX.XXX.XXX.XXX/24

# Destination allow-list, loaded from an external file.
# NOTE(review): this ACL only has an effect if an http_access rule that uses
# it is reached before a rule that already allows or denies the request.
acl destinations dst "/squid/destinations.conf"

# NOTE(review): to_localhost is defined but no http_access line below uses it.
acl to_localhost dst 127.0.0.0/8

# Ports to which CONNECT tunnels are meant to be permitted.
acl SSL_ports port 443
acl SSL_ports port 4443 8443
# Destination ports accepted by the "deny !http_out" rule further down.
# NOTE(review): 443 is not in this list.
acl http_out port 80
acl http_out port 4443 8443 9080
# NOTE(review): Safe_ports is defined here but no http_access line below uses it.
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 563 # snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
# Two names for the same match (request method CONNECT); only CONNECT is used below.
acl CONNECT method CONNECT
acl SSL method CONNECT

# Cache-manager requests are accepted from the loopback address only.
http_access allow manager localhost
http_access deny manager

# Deny requests to any destination port not listed in http_out.
# NOTE(review): a CONNECT to port 443 matches !http_out and is denied here,
# before any later rule is consulted; this is consistent with HTTPS failing
# while HTTP on port 80 works.
http_access deny !http_out

# Deny CONNECT to other than SSL ports
# NOTE(review): the trailing "http" is used as an ACL name, but no "acl http"
# is defined in this listing; Squid is likely to reject or ignore this line,
# which would leave CONNECT unrestricted by SSL_ports - verify with
# "squid -k parse".
http_access deny CONNECT !SSL_ports http
# NOTE(review): this allows the listed client networks to reach ANY
# destination that passed the port check above; the destinations allow-list
# is not combined with it, so it is not enforced for these clients.
http_access allow sourcesvrs

# And finally deny all other access to this proxy
http_access deny all

# Destination-based allow rules.
# NOTE(review): both lines come after "deny all", so no request can reach
# them. The second line also spells the ACL "SSL_PORTS" while it is defined
# as "SSL_ports"; confirm whether this Squid version treats ACL names as
# case-sensitive.
http_access allow destinations
http_access allow destinations CONNECT SSL_PORTS
Received on Tue May 22 2007 - 07:51:36 MDT
