Re: [squid-users] HTTPS intercept sent to cache_peer

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 29 May 2013 22:40:52 +1200

On 28/05/2013 11:16 p.m., Karl Hiramoto wrote:
> Hi,
>
> I'm trying to set up squid to be a load balancer, and provide
> redundancy, to other anonymous proxies. Everything works fine for
> HTTP, but when trying to use HTTPS squid falls back to http. Some
> sites don't allow you to browse or login without HTTPS.
>
> My Setup is:
>
>                      /---> AnonProxy1 ----> Final destination
> Client ---> MyProxy -*---> AnonProxy2 ----> Final destination
>                      \---> AnonProxy3 ----> Final destination
>
>
>
> Ideally between squid MyProxy and AnonProxy I'd like HTTP CONNECT
> (RFC2616) tunnel to be set up. Does anyone have an example
> configuration for this?
> If I set up my client to connect directly to AnonProxy1 HTTP and
> HTTPS work fine. I don't have any control or ability to change
> configuration of AnonProxy.

Squid "falls back" to HTTP because the peer proxies are all configured
as HTTP-only proxies. None of them are configured with SSL connectivity.

You cannot (yet) configure sending a CONNECT to peers because nobody has
coded Squid to support that yet. There is some code in the very latest
Squid (as in it literally just went into 3.HEAD yesterday) to make
failover send and handle CONNECT to peers when intercepted HTTPS goes
badly. But that is only for intercepted SSL at present. Patches adding
similar handling in other events are welcome.

Amos
Received on Wed May 29 2013 - 10:40:57 MDT
