On 15/11/2011 12:01 a.m., Deepak Rao wrote:
> Hi,
>
> I have a requirement in which I would like to convert a HTTP request
> (going via squid proxy) to be converted into HTTPS - thus squid proxy
> can handle the ssl handshake and any mutual certificate validations.
>
> To elaborate:
> - I have a application which tries to contact an external website (abcdef.com)
> - The request goes via squid proxy (port 3128)
> - If I can have a configuration is squid proxy which checks for
> external hostname (abcdef) and to such requests, it converts the
> requests into an HTTPS call.
> - Now the external website abcdef.com's ssl handshake is handled by
> squid proxy, which also decrypts the response& the decrypted response
> is given back to my application.
>
> Is this possible in squid proxy?
Maybe.
If you really do mean only one website (or a small number), then you can
do it with a cache_peer link exactly like you would a reverse-proxy config:
cache_peer abcdef.com parent 443 0 originserver ssl no-query
acl abc dstdomain abcdef.com
cache_peer_access abcdef.com allow abc
If you need it for many or variable sites (ie every website). Then no.
Squid needs to be configured explicitly to add SSL wrapping
per-destination.
Amos
Received on Tue Nov 15 2011 - 11:07:34 MST
This archive was generated by hypermail 2.2.0 : Tue Nov 15 2011 - 12:00:03 MST