Henrik I really appreciate the information you have provided me. I'd like to clarify your last post so that I can then make my next descision:
> Squid-2.5 can provide SSL acceleration like > > clients -- https(SSL) --> Squid -- HTTP --> Web server > here the clients would the clients use SSL? and above does "HTTP" signify running an httpd daemon on the squid box or is it just showing the HTTP proxy tunnel? > This functionality is also available as a patch to Squid-2.5 from > http://devel.squid-cache.org/ > > The use of https is also supported on peer proxy connections, allowing > > clients --> Squid -- https(SSL) --> Another Squid --> Web server again, would the clients be using SSL? > And in both cases Squid can also optionally present a "client > certificate" to the SSL peer, specified in squid.conf. > > Note: proxying of the original client certificate is not possible due to > the man-in-the-middle scenario of these configurations. I'm thinking this is ok sense I only need the certificate to carry through the firewall afterwhich the SSL communication would need to end internally. > Regards > Henrik Thanks again. I understand that if I have to I can just resetup my internal server config to run SSL where needed and really simply this situation. I initially want to see if the option to avoid this exists(will exist).
