Re: [squid-users] HTTPS -> Squid -> HTTP -> origin

From: Chris Robertson <crobertson@dont-contact.us>
Date: Wed, 03 Oct 2007 11:40:26 -0800

Bruce Badger wrote:
> It's great to see RC releases of Squid 3.0.
>
> One of the things I heard would be possible with Squid 3.0 is to have
> Squid accept HTTPS requests and to pass these on to an origin server
> as HTTP requests and the reverse effect with responses, so:
>
> client -- https request --> Squid -- http request--> origin server
> client <-- https response -- Squid <-- http response-- origin server
>
> Will this possible with Squid 3.0? If so where could I read up on it.
> I have checked the wiki put nothing seemed to tackle that. Certanly
> I found no mention of SSL or HTTPS on the reverse proxy page.
>
> Thanks,
> Bruce
>

Just set up a standard reverse proxy, (using cache_peer with the
originserver option, and cache_peer_access if needed to direct traffic),
and add a https_port directive
(http://www.squid-cache.org/Versions/v3/3.0/cfgman/https_port.html).
Squid will accept SSL traffic and request the pages from the back end
server via whatever means you specify with the cache_peer directive.

2.6 can do this now.
http://wiki.squid-cache.org/ConfigExamples/SquidAndOutlookWebAccess has
an example (though for a normal website you won't need the
"front-end-https" argument to cache_peer).

Chris
Received on Wed Oct 03 2007 - 13:40:39 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:00 MDT