Hi,
thanks for your reply.
I'm confused...I use squid as a web cache in front of my Apache web
server and I want that the user does not notice the presence of this
(the user connects to myHost.com and will not know if there will be
Squid). I understood that this configuration is transparent-proxy.
It is correct for my purpose? What is it exactly forward proxy or
reverse-proxy? Are these typologies simil to my necessary
configuration?
Tnx
2013/12/4 Amos Jeffries <squid3_at_treenet.co.nz>:
> On 4/12/2013 5:27 a.m., Gianluigi Ruggeri wrote:
>> Hi all,
>> I have a question about Squid configuration as trasparent proxy using SSL.
>>
>> I would to use Squid 2.6 as trasparent proxy with http and https connection.
>
>
> SSL interception (AKA "transparent proxy") for Squid versions older than
> 3.2 is not supported. Please upgrade.
>
> The https_port in older versions is designed for use as forward proxy or
> reverse-proxy modes only. If you try to use it for interception without
> ssl-bump your users will face constant certificate popups.
>
>
>> 3) About SSL I setted this:
>>
>> https_port 3129 transparent key=/etc/squid/ssl/myhost.com-private.pem
>> cert=/etc/squid/ssl/myhost.com-certificate.pem
>>
>>
>> but about https not work.
>> If I use this command lsof -n -i -P | grep squid
>>
>> about the squid I see also:
>>
>> squid 6483 squid 6u IPv4 155998 0t0 UDP *:43053
>> squid 6483 squid 13u IPv4 156001 0t0 TCP *:3128 (LISTEN)
>> squid 6483 squid 14u IPv4 156003 0t0 UDP *:3130
>>
>>
>> and I not see 3129 port.
>> Any suggestions?
>>
>
> See the cache.log messages output when setting up the port.
>
> Amos
Received on Wed Dec 04 2013 - 08:19:16 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 05 2013 - 12:00:04 MST