On Wed, 22 Jun 2011 10:41:59 +0800, Sean SPALDING wrote:
> Hi Amos,
>
>> have to have port ":8443" as the destination port. Since origin
>> requests
>> have the domain:port part in the Host: header
>
> A minor correction here. The SSL offload device (Nortel Application
> Switch) does some networking magic so neither the originating request
> nor the forwarded request has a port in the Host header. HTTPS
> requests arrive on 443, get decrypted and passed through to 8443 as
> HTTP.
Is there any "http://domain:port" part on the URL when it arrives at
Squid?
That would cause Squid to ignore the Host: entirely and use the URL
values.
>
>> If you want Squid to fake the arriving port back to 80 use
>> "vport=80" on
>> the http_port 8443 line.
>
> I'll try this.
>
A secondary workaround is forcedomain= on the cache_peer line if your
squid supports it. But that is only useful in some circumstances.
Amos
Received on Wed Jun 22 2011 - 02:56:47 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 22 2011 - 12:00:03 MDT