On 15/09/11 04:20, nemus wrote:
> Hi I want to create a proxy which encrypts all http traffic to https
>
> Can squid do this ?
>
Yes, no, and maybe. All at the same time.
Yes - Squid can encrypt traffic. Requires OpenSSL AND a cache_peer link
with "ssl" flags to another proxy which accepts SSL encrypted input (ie
https_port)
No - Squid cannot make the browser use SSL in its communication.
Maybe - Squid can emmit 305 status responses requesting the browser use
a proxy at an https:// location. This has almost no browser support last
time I checked.
Maybe - you can intercept traffic and pass it down an encrypted
cache_peer link.
Overall I think with todays technology its easiest to use a machine
level interface (VPN tunnel) to do the encryption. You can use these for
any traffic and even if you like, point browser->proxy traffic through
one to a Squid https_port.
> What would this process be called?
>
"Encryption". As in; "SSL Encryption", "transport layer encryption",
"encryption gateway", "encrypted proxy tunnel", "encrypted peer", etc.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.15 Beta testers wanted for 3.2.0.11Received on Fri Sep 16 2011 - 01:37:56 MDT
This archive was generated by hypermail 2.2.0 : Fri Sep 16 2011 - 12:00:03 MDT