Merton Campbell Crockett wrote:
>
> I have been using Squid for several years and am currently using Squid
> 1.1.22 on a BSD/OS 4.0.1 system. In the past, I have not used Squid for
> HTTPS; however, I find that I need to do so.
>
> In the tests that I've run I find that none of the objects retrieved using
> HTTPS is cached. Is there a mechanism for forcing Squid to cache some of
> the objects retrieved using HTTPS? In particular, I would like it to
> cache GIF images and other assorted goo-gahs.
Nope. What is proxied is an opaque, encrypted data-stream. Only the
end-points can do any caching. Intermediate proxies cannot, otherwise it
would not be 'secure'.
Umm..Just looking at your tagline and job-description, I would have
thought that you would have known that. (no offense). A proxy able to
cache HTTPS traffic would be a 'man-in-the-middle' attack. It'd
certainly violate the security of the whole protocol.
>
> Merton Campbell Crockett
> +---------------------------------------------------------------------------+
> | Manager, Network Operations & Services | Senior Network/Security Engineer |
> | GTE Government Systems Corporation | Naval Surface Warfare Center |
> | Electronic Systems Division | Port Hueneme Division |
> | Intelligence Systems Organization | IT/TIS Program |
> | Thousand Oaks, CA | Port Hueneme, CA |
> +---------------------------------------------------------------------------+
Received on Sun Jun 06 1999 - 16:34:04 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:45 MST