> I have a backend (application) server that rejects requests that are not
> HTTP/1.1 (rejected with a "HTTP/1.1 505 HTTP Version Not Supported"). It
> also requires that connections come in over SSL.
>
> I would like to place a Squid instance in accelerator mode in front of
> this application, but haven't found a way to convince Squid to talk
> HTTP/1.1 to the backend over SSL. All the requests I see are coming into
> the backend as HTTP/1.0.
>
> Is there a magic recipe to force Squid to use the HTTP/1.1 protocol to the
> backend?
>
> I've tried Squid-3.0-STABLE8 and Squid-3.HEAD-20080909 with no difference.
> Here's the squid.conf:
>
> #--------------------------------------------------
> # Squid.conf
> visible_hostname frontend.mydomain.com
> httpd_suppress_version_string on
>
> http_port 80 accel defaultsite=10.2.3.4
> https_port 443 accel defaultsite=10.2.3.4 key=/apps/squid/etc/squid.key
> cert=/apps/squid/etc/squid.crt
> cache_peer 10.2.3.4 parent 443 0 no-query originserver name=backendssl ssl
> sslflags=DONT_VERIFY_PEER proxy-only
> cache_peer 10.2.3.4 parent 80 0 no-query originserver name=backendhttp
> proxy-only
>
> acl VDI dst 10.2.3.4
> http_access allow all
> cache_peer_access backendssl allow all
> cache_peer_access backendhttp allow all
>
> request_body_max_size 0
>
> # Debugging:
> debug_options ALL,9
> error_directory /apps/squid-3.HEAD-20080909/share/errors/en
>
> Thanks,
> --Joe
>
3.0 releases don't support HTTP/1.1 in that form yet. You will need to use
a 2.7 release for the time being.
PS. I also find it strange that your website public domain name is 10.2.3.4.
Amos
Received on Thu Sep 11 2008 - 02:50:53 MDT
This archive was generated by hypermail 2.2.0 : Thu Sep 11 2008 - 12:00:05 MDT