Hello all,
we intend to use squid as https reverse proxy via following access and
protocol chain:
client->internet->https->squid->https->server-intern
A have succesfully configured and tested:
client->internet->https->squid->http->server-intern
but I can't induce squid to access servern-intern with https/ssl. I am
using precompiled squid binary-rpm. The output from squid -v is:
Squid Cache: Version 2.5.STABLE3
configure options: --host=i686-pc-linux-gnu --build=i686-pc-linux-gnu
--target=i386-redhat-linux --program-prefix= --prefix=/usr
--exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin
--sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include
--libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var
--sharedstatedir=/usr/com --mandir=/usr/share/man
--infodir=/usr/share/info --exec_prefix=/usr --bindir=/usr/sbin
--libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid
--enable-poll --enable-snmp --enable-removal-policies=heap,lru
--enable-storeio=aufs,coss,diskd,ufs --enable-ssl
--with-openssl=/usr/kerberos --enable-delay-pools
--enable-linux-netfilter --with-pthreads
--enable-basic-auth-helpers=LDAP,NCSA,PAM,SMB,SASL,MSNT
--enable-ntlm-auth-helpers=SMB,winbind
--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group,winbind_group
As you can see, --enable-ssl is compiled in. I tried to use
"redirect_program /usr/bin/squirm" in squid.conf to rewrite https to
internal server. The Messages during start squid in cache.log are:
2004/05/11 13:12:05| Starting Squid Cache version 2.5.STABLE3 for
i686-pc-linux-gnu...
2004/05/11 13:12:05| Process ID 443
2004/05/11 13:12:05| With 1024 file descriptors available
2004/05/11 13:12:05| DNS Socket created at 0.0.0.0, port 32975, FD 4
2004/05/11 13:12:05| Adding nameserver 194.76.232.129 from
/etc/resolv.conf
2004/05/11 13:12:05| helperOpenServers: Starting 5 'squirm' processes
2004/05/11 13:12:05| WARNING: Cannot run '/usr/bin/squirm' process.
The squid processes are hanging after that. There will be no problem if
I start /usr/bin/squirm manually from shell.
1.) Do I follow the right strategy ?
2.) What could be the reason for problems described above ?
Best Regards
Bernd
Received on Tue May 11 2004 - 06:43:42 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT