[squid-users] Intercepted requests on port 443 are directed to 80

From: A G <utopian201_at_hotmail.com>
Date: Sat, 23 Jun 2012 04:54:24 +1200

Hi
I have set squid up as an intercept proxy; I have redirected http traffic on port 80 to port 3128 and https traffic on 443 to port 3129.

http_port 3128 intercept
https_port 3129 intercept ssl-bump cert=/root/server.crt key=/root/private.pem

It is working fine with http requests.

However when a client makes an HTTPS request to port 443 on squid, squid will decrypt the request (due to ssl-bump). Squid then treats this request as a normal HTTP request and forwards it to the real webserver on port 80. The webserver responds with a redirect, asking to connect to 443. Is there a way to tell squid that, if the request comes in on 443, to make the outgoing connection's destination port to be 443 instead of 80 as well?

Here is a simple diagram (in case I haven't explained it clearly!)
Client --> (80) Squid --> (80) Webserver.com - Works as expected.
Client --> (443) Squid --> (80) Webserver.com - webserver responds with 301/302 and says new location is at https://webserver.com

Thanks
                                               
Received on Fri Jun 22 2012 - 16:54:32 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 22 2012 - 12:00:03 MDT