Re: [squid-users] enabling https 443 on vanilla squid -debian squeeze-

From: Amos Jeffries <>
Date: Wed, 28 Dec 2011 15:10:10 +1300

On 28/12/2011 12:44 p.m., someone wrote:
> Allright, many of you know me here from some of my previous posts, and
> Im sure if I went a googling Id find answers to my questions but hey,
> why, when im subscribed to the squid-cache users mailing list~ hehe.
> Well anyway, ive never used squid for ssl/https:443 before and noticed
> one of my clients playing a lot of that farmville crap on facebook,
> sometimes uses ssl, and farmville uses a considerable ammount of
> bandwidth. I wanna intercept all of that wasted redownloads so, since
> farmville seems to be using https more, my clients arent getting the
> benefit of my squid cache :(, welp now its time to enable ssl "bump" or
> w/e they call it in squid.
> ok, as I understand squid must be compiled to cache ssl http content?
> Because im using a vanilla version that ships with debian squeeze. see
> below.

On Debian yes, it must be re-compiled with --enable-ssl. The Debian
policy has problems with the way Squid (GPLv2+) and OpenSSL
(proprietary) licenses combine.

One day someone will get around to adding GNUTLS support and the SSL
problem will go away. So far nobody has supplied patches for it. There
are both a debian and Squid project bugs about GNUTLS if you want to
subscribe for notice when that happens.

Received on Wed Dec 28 2011 - 02:10:14 MST

This archive was generated by hypermail 2.2.0 : Sat Dec 31 2011 - 12:00:02 MST