Re: [squid-users] squid 3.1: How to setup a Squid SSL reverse proxy for a parent SSL Squid proxy?

fulanpeng wrote:
>
> Hi,
>
> I have a Squid reverse proxy running with SSL support. People can
> access it with https://domainA.com. No problem.
> Now I want to set up another Squid proxy server to proxy it with SSL
> support.
> That means https://domainA --> https://domainB.
>
> My configuration file is similar like this for the parent.
> Please help to set up the child squid to proxy this parent.
>
> https_port 443 cert=/usr/newrprgate/CertAuth/testcert.cert
> key=/usr/newrprgate/CertAuth/testkey.pem
> defaultsite=mywebsite.mydomain.com vhost
>
> cache_peer 10.112.62.20 parent 80 0 no-query originserver login=PASS
> name=websiteA
>
> acl sites_server_1 dstdomain websiteA.mydomain.com
> cache_peer_access websiteA allow sites_server_1
> http_access allow sites_server_1
>
> http_access deny all
>
>

I have a similar problem.

we try to establish an SSL connection between our reverse proxy and our
sharepointserver.

Over the internet we connect with https to the reverse proxy and he should
forward the user via ssl to the sharepoint.

i have the following entry in my squid logfiles:

2009/08/11 11:18:51| fwdNegotiateSSL: Error negotiating SSL connection on FD
13: error:00000000:lib(0):func(0):reason(0) (5/0/0)
2009/08/11 11:18:51| TCP connection to 10.xxx.xxx.xxx/443 failed

anyone knows why this might happen?

this is our cache_peer config:

cache_peer 10.xxx.xxx.xxx parent 443 0 ssl no-query originserver login=PASS
front-end-https=on sslkey=//usr/newrprgate/CertAuth/sslkey.key
sslcert=//usr/newrprgate/CertAuth/sslcert.cert name=*.*.com

thanks in advance

-- 
View this message in context: http://www.nabble.com/squid-3.1%3A-How-to-setup-a-Squid-SSL-reverse-proxy-for-a-parent-SSL--Squid-proxy--tp24911339p24914505.html
Sent from the Squid - Users mailing list archive at Nabble.com.