Re: [squid-users] Squid proxy server - Client certificate (reverse proxy)

From: Qvalpro Solutions <orplavq_at_gmail.com>
Date: Tue, 1 Feb 2011 01:31:17 +0530

Hi Amos,

Thanks for the detailed response. I tried configuring Squid, but
couldn't get it working yet.

Can you please elaborate on "You setup Squid as a reverse-proxy and make
old billing application believe Squid is the Payway system. Usually
via DNS". Sorry if this sounds dumb.

Steps followed by myself:
1. Downloaded Squid 2.7 STABLE8 (reverse proxy with SSL support) and
installed it in my Windows server which has the billing application
2. Started the Squid service and stored the Payway's digital
certificate inside the "payway" directory in C: of the Windows server
3. Added the following options to the squid.conf file:
    https_port accel defaultsite=https://ccapi.client......./ccapi cert=C:\payway\ccapi.pem
    cache_peer ssl sslcert=C:\payway\ccapi.pem
4. Tried to initiate a test transaction from the billing application,
but it didn't work.

Assumptions made:
1. I have stored the Payway related details (aforementioned https URL,
username, password & Merchant ID for the API) in the billing system
installed in the Windows server. I hope that when the billing
application tries to process a credit card payment, the proxy will
automatically take over the transaction.
2. I have not added the username/password of the API to the Squid
configuration. Please let me know if I need to add the details in
Squid proxy too and if yes, kindly provide me the syntax to be used.

Please let me know if I am going in the right direction.

Thanks,
KB.

On Fri, Jan 28, 2011 at 11:08 AM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On 28/01/11 07:48, Qvalpro Solutions wrote:
>>
>> Hi Folks,
>>
>> I just started exploring Squid proxy and I am clueless of how to use
>> Squid in my setup.
>>
>> Some background on why I am trying to use the Squid proxy:
>> I have a billing application installed in a Windows server. This
>> particular billing application uses some proprietary file system,
>> which cannot be customized. I have purchased a Payway API account
>> (Payway API is nothing but a payment processing system for credit
>> cards) for using with the billing application. I just noticed that the
>> Payway API needs a digital certificate to be installed for processing
>> the payments. Unfortunately, my billing application doesn't allow any
>> certificate installation. When I spoke to the billing application
>> development company and Payway, they suggested that I use the Squid
>> proxy to work around the problem. I was also told that the Squid proxy
>> can provide the client certificate.
>>
>> As I don't have adequate exposure to setting up proxy servers, I have
>> the following questions:
>> 1. Can I install the Squid proxy in the same server where my billing
>> application is located?
>
> Yes.
>
> Additional problem though: Windows Squid builds only have experimental SSL
> support and are limited to squid-2.7 for now.
>
> If you need to do this for Windows please contact Guido at Acme Consulting
> (http://squid.acmeconsulting.it/) for support.
>
>
>> 2. How do I connect the billing application to the Squid Proxy? Do I
>> need to use some port for this and how am I supposed to connect the
>> Squid Proxy to the Payway API?
>
> You setup Squid as a reverse-proxy and make old billing application believe
> Squid is the Payway system. Usually via DNS. Squid handles the rest once
> requests are arriving nicely to it.
>
> Start with this:
> http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator
> it covers the very simple config just to get an accelerator working. Stuff
> like SSL require additional config.
>
>> 3. How do I install the digital certificate provided by Payway in the
>> Squid proxy and what format of digital certificate is to be used -
>> .net or PHP or ASP or something else?
>
> Squid uses .PEM format certificates.
>
> After doing the setup from your question 2.  You configure Squid to use them
> with additional options on the cache_peer line.
> Set the "ssl" flag to enable SSL on the link then any of the other ssl*=
> options as needed by the Payway system.
>
> http://www.squid-cache.org/Doc/config/cache_peer/
>
> (snipped Q4-6 since they are answered above as well).
>
> Amos
> --
> Please be using
>  Current Stable Squid 2.7.STABLE9 or 3.1.10
>  Beta testers wanted for 3.2.0.4
>
Received on Mon Jan 31 2011 - 20:01:26 MST
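
A squid.conf sketch of the layout discussed in this thread (reverse proxy in front of the billing application, client certificate on the cache_peer link). It is an added example, not part of either message and not a tested Payway configuration. The hostname payway-host.example, the address 192.0.2.10 and the squid-server.* file names are placeholders; only C:\payway\ccapi.pem comes from the post.

```conf
# Added example. Placeholders (assumptions, not from the thread):
#   payway-host.example   stands in for the real Payway API hostname
#   192.0.2.10            stands in for the address that hostname resolves to
#   squid-server.pem/.key hypothetical certificate and key for Squid's listener

# --- Listening side: what the billing application connects to -------------
# defaultsite= takes a bare hostname, not a URL with scheme and path.
# cert=/key= are the SERVER certificate Squid presents to the billing
# application; the Payway-issued client certificate does not belong here.
# Binding to 127.0.0.1 keeps other hosts from reaching a proxy that attaches
# a client certificate to whatever it forwards.
https_port 127.0.0.1:443 accel defaultsite=payway-host.example cert=C:\payway\squid-server.pem key=C:\payway\squid-server.key

# --- Upstream side: the link from Squid to Payway -------------------------
# cache_peer needs the peer address, type and ports before any options.
# "ssl" turns on TLS for this link; sslcert= is the CLIENT certificate sent
# to Payway. With no sslkey=, Squid expects the private key to be in the
# same PEM file as the certificate.
# The peer is given by IP address: if DNS or the hosts file on this server
# points payway-host.example at Squid, using the name here would make Squid
# connect to itself. ssldomain= tells Squid which name to expect in the
# peer's certificate when it is reached by address.
cache_peer 192.0.2.10 parent 443 0 no-query originserver ssl sslcert=C:\payway\ccapi.pem ssldomain=payway-host.example name=payway

# --- Access control: forward this one site only ---------------------------
acl payway_site dstdomain payway-host.example
http_access allow payway_site
http_access deny all
cache_peer_access payway allow payway_site
cache_peer_access payway deny all

# Payment API responses should not be stored by the proxy.
cache deny all
```

The API username, password and Merchant ID travel inside the billing application's own requests, which Squid relays to the peer; the configuration above holds only the certificate material.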
