D.Veenker wrote:
>
> Is it maybe possible to intercept the http:// request over port 80 with
> IPTABLES and redirect it to Squid?
>
> Then let an ICAP add-on (or the internal rewriter) rewrite the URL to
> https://. Then let Squid do all the SSL with client certificates with
> the actual https-server.
> Last, Squid forwards the server-reply to the client (maybe also by using
> some IPTABLE tricks) to the client in regular un-encrypted http.
Pretty complex.
For the general case you hit the very hard problem of; how do you know
any given server will accept HTTPS for any given request?
If you have a specific server or set of servers you need it for use
cache_peer to setup an SSL link to each and just pass the relevant
requests down it.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.3Received on Sun May 02 2010 - 13:27:27 MDT
This archive was generated by hypermail 2.2.0 : Sun May 02 2010 - 12:00:03 MDT