On 30.05.2012 14:40, xiaoJay wrote:
> Amos Jeffries, Thanks for reply.
>
> I am running a regular proxy.
>
> "So often the "https://" part is never seen by Squid."
> so how can i redirect http and https request to different cache peer?
>
> now, I tried this conf: (use port 443 to distinguish http from https
> request )
>
> acl ACL_HTTPS proto HTTPS
> acl ACL_HTTPS2 port 443
> cache_peer 127.0.0.1 parent 5000 0 name=https_peer no-query
> no-netdb-exchange no-delay
> cache_peer 127.0.0.1 parent 5001 0 name=http_peer no-query
> no-netdb-exchange no-delay
> cache_peer_access https_peer allow ACL_HTTPS2
> cache_peer_access http_peer allow ACL_HTTP
> never_direct allow all
>
> which seems work fine.
>
> and i want to confirm : "is this a valid way?"
Yes.
All Squid gets is a request to setup CONNECT tunnel to a certain
hostname and port (usually port 443 for HTTPS).
The one thing you can't be sure of is that CONNECT is actually passing
HTTP Secure and not some other protocol to port 443.
Amos
Received on Wed May 30 2012 - 02:50:44 MDT
This archive was generated by hypermail 2.2.0 : Wed May 30 2012 - 12:00:06 MDT