RE: [squid-users] SSL between squid and client possible?

I've added myself to that bug and given it my interest.
Do you know of any browses for which you can connect to squid over a secure https_port?

I tried setting it up to learn about the limitations, but can't connect to the https_port using firefox, ie or safari.

Thanks,
Dave

-----Original Message-----
From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Sent: Wednesday, September 22, 2010 10:34 AM
To: squid-users_at_squid-cache.org
Subject: Re: [squid-users] SSL between squid and client possible?

On Tue, 21 Sep 2010 16:39:53 -0700, "David Parks" <davidparks21_at_yahoo.com>
wrote:
> Can SSL be enabled between client and squid?
> Example: An HTTP request to http://yahoo.com goes over SSL from client
to
> squid proxy, then standard HTTP from squid to yahoo and again secured
from
> squid to client on the way back?
> It seems like this is only possible with reverse proxy setups, not
typical
> proxy forward traffic.
> Just wanted to verify my understanding here.
> Thanks,
> David

Squid will do this happily. https_port is the same as http_port but requires SSL/TLS on the link.

The problem is that most web browsers won't do the SSL/TLS when talking to an HTTP proxy. Please assist with bugging the browser devs about this.
https://bugzilla.mozilla.org/show_bug.cgi?id=378637. There are implications that they might do HTTP-over-SSL to SSL proxies, but certainly will send non-HTTP there and break those protocols instead.

Amos
Received on Sat Sep 25 2010 - 15:29:01 MDT