On Mon, 10 Oct 2005, Ibrahim Calisir wrote:
> I have googled and read nearly all the messages that are related to
> ssl+squid+auth, however I reached a point that squid https_port is not used
> as proxy port (according to message send to as an answer for "SSL Error:
> clientNegotiateSSL: Error negotiating SSL connection on.." in Wed, 21 Jan
> 2004 19:05:44 +0100 (CET) ). And I have discovered error message "SSL Error:
> clientNegotiateSSL: Error negotiating SSL connection on.." from my cache.log.
> However I want to use ssl+ldap authentication in my squid.
ssl is mainly useful when Squid is used as a reverse-proxy infront of your
web servers. In such setups you install the servers SSL certificate in
your Squid and let Squid handle the SSL encryption/decryption.
client requesting https://name.pointing.to.squid/ -> Squid -> your web
server
It's use in Internet proxies is somewhat limited as there is no browsers
supporting SSL encrypted HTTP proxies. But stunnel or other SSL wrapper
client can be used to extend the client with SSL support if needed (but
requires installation and configuration on each client).
stunnel running on loopback interface port XXXX with SSL tunnel to the
https_port of your Squid
client configured to use stunnel as proxy.
client -> [unencrypted] -> stunnel -> [SSL encrypted] -> Squid
Regards
Henrik
Received on Mon Oct 10 2005 - 16:48:54 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:04 MST