Re: [squid-users] Help needed setting up ssl proxy

From: Magnus Moraberg <magnus.moraberg_at_gmail.com>
Date: Sun, 24 May 2009 09:02:28 +0200

Thanks for the reply.

Here's my situation -

Web/SSL Mail server on ports 80 and 443 in Sweden<--network
cloud--><--firewall--><--My Squid Server in Finland /
Gateway-><--firewall--><--network cloud-->Client networks in Sweden
and Finland.

The gateway machine hosting squid is the only connection point between
the Web server and my clients.

The client, the squid server, and the http/https servers are all in
different networks. There are no private network addresses involved.

So I need SSL between the clients and squid and between the web/mail
server and squid. Is this possible with squid or must I use port
forwarding on port 443 on the squid gateway?

Thanks again,

Magnus

On Sun, May 24, 2009 at 5:43 AM, Jeff Pang <pangj_at_arcor.de> wrote:
> Magnus Moraberg:
>
>>
>> Now I wish for my clients to be also able to use ssl/https, but
>> I'm not sure how squid should be configured to do this.
>>
>
> Do you mean in a reverse-proxy environment? If so, try something like:
>
> https_port 443 accel vhost cert=/usr/local/squid/etc/ssl/server.crt key=/usr/local/squid/etc/ssl/server.key
>
> cache_peer 1.2.3.4 parent 80 0 no-query front-end-https=auto originserver name=PEER1
> acl service1 dstdomain www.ab.com
> cache_peer_access PEER1 allow service1
>
> acl Safe_ports port 80 443
> http_access allow service1
> http_reply_access allow all
>
> see also:
> http://wiki.squid-cache.org/SquidFaq/ReverseProxy
>
>
> If you're not in a reverse-proxy, squid most probably is in the network as
> the clients themselves. Then the SSL transmission from clients to Squid is
> unmeaning, just bypass them.
>
> --
> Jeff Pang
> DingTong Technology
> www.dtonenetworks.com
>
Received on Sun May 24 2009 - 07:02:35 MDT
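
The two legs asked about in this thread, checked against the quoted configuration, as an added example that is not part of either message: the quoted cache_peer line targets port 80 without the `ssl` option, so only the client-to-Squid leg is encrypted. The Python below was written for this page (its function names are hypothetical), and HARDENED_CONF is a constructed variant that assumes the origin accepts TLS on port 443.

```python
# Constructed sample: the quoted directives, each joined onto one line.
SAMPLE_CONF = """\
https_port 443 accel vhost cert=/usr/local/squid/etc/ssl/server.crt key=/usr/local/squid/etc/ssl/server.key
cache_peer 1.2.3.4 parent 80 0 no-query front-end-https=auto originserver name=PEER1
acl service1 dstdomain www.ab.com
cache_peer_access PEER1 allow service1
"""

# Constructed variant (assumption): origin speaks TLS on 443, peer uses 'ssl'.
HARDENED_CONF = SAMPLE_CONF.replace(
    "parent 80 0 no-query front-end-https=auto originserver",
    "parent 443 0 no-query originserver ssl",
)

def parse_directives(text):
    """Yield (name, args) for each squid.conf directive, skipping comments."""
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            parts = line.split()
            yield parts[0], parts[1:]

def audit_tls_legs(text):
    """Return findings for reverse-proxy legs that are not protected by TLS.

    An empty list means both client->Squid and Squid->origin use TLS.
    """
    findings = []
    directives = list(parse_directives(text))
    https_ports = [args for name, args in directives if name == "https_port"]
    if not https_ports:
        findings.append("client leg: no https_port directive")
    for args in https_ports:
        if not any(a.startswith("cert=") for a in args):
            findings.append(f"client leg: https_port {args[0]} has no cert=")
    for name, args in directives:
        # cache_peer syntax: hostname type http-port icp-port [options]
        if name != "cache_peer" or len(args) < 4 or "originserver" not in args:
            continue
        host, port, options = args[0], args[2], args[4:]
        # 'ssl' is the option name in 2009-era Squid; newer releases call it 'tls'.
        if "ssl" not in options and "tls" not in options:
            findings.append(
                f"origin leg: cache_peer {host}:{port} lacks 'ssl', "
                "Squid-to-origin traffic is plain HTTP"
            )
    return findings

if __name__ == "__main__":
    for label, conf in (("quoted", SAMPLE_CONF), ("hardened", HARDENED_CONF)):
        print(label, audit_tls_legs(conf) or "both legs use TLS")
```
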
