Re: [squid-users] HTTPS -> Squid -> HTTP -> origin from Henrik Nordstrom on 2007-10-03 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Thu, 04 Oct 2007 04:24:05 +0200

On tor, 2007-10-04 at 15:20 +1300, Amos Jeffries wrote:

> https_port 3127 cert=/test/squid.pem key=/test/squid.key
> defaultsite=treenet.co.nz
> cache_peer *** 80 0 originserver
> ...
>
> Then requested "https://192.168.0.192:3127/" in the browser to grab from
> the test cache. I kept getting squid error pages indicating it could not
> connect to "https://treenet.co.nz/"
>
> Is there something that elides the 'https' in the relayed request?

The URL reported by Squid is that from the http(s)_port. How it's
forwarded is outside the URL namespace. Which means you can forward and
https:// URL to a http peer, or an http:// URL to an ssl enabled per.
Same thing..

> This is the test config I mentioned elsewhere that wouldn't even accept
> connections unless visible_hostname matched the encrypted domain inside
> the .pem.

Odd.

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Wed Oct 03 2007 - 20:24:14 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:01 MDT