[squid-users] SSL client cert configuration and provision

From: Stephan Hügel <urschrei_at_gmail.com>
Date: Sat, 21 May 2011 19:09:45 +0100

Hello,
Apologies in advance for the (presumably) repetitive question:
I'd like to set up squid to provide an SSL cert required for access to
a certain site on behalf of my users. I've converted the cert (it was
provided in PFX format) to PEM format, and generated a key (though I'm
not entirely sure that's necessary).
I've installed squid 2.7.STABLE9 on Ubuntu 11.04, and configured http
access for users on my subnet, and this is working correctly:

http_port 3128
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.10.10.0/24
[snip]
http_access allow localnet
icp_access allow localnet

But I haven't been able to find a HOWTO for transparently providing
the required SSL cert on behalf of clients when they connect to the
site which requires it.
I assume I have to provide a https_port (443?) , and https_allow
localnet, but I'm not sure about anything else.

TIA

-- 
steph
Received on Sat May 21 2011 - 18:09:52 MDT

This archive was generated by hypermail 2.2.0 : Sun May 22 2011 - 12:00:02 MDT