The 2.5 version of the ssl update patch is currently for 2.5.STABLE2. None of the development patches are included in 2.5.STABLE2, only the bugfixes listed on http://www.squid-cache.org/Versions/v2/2.5/bugs/
Regards Henrik ons 2003-03-26 klockan 15.46 skrev [EMAIL PROTECTED]: > Hi! > Thanks so far, I couldn't applie the ssl_update to 2.5 Stable1 but I useed > Squid 2.5 Stable2 cause somewhere > it said that all Patches for Stable1 are included there! > After the installation I included a little rewrite cgi into the squid.conf > which rewrites the incoming request like : > https://localserver into https://192.168.1.1 but I still get the error > message Bad Request ... > What am I doing wrong? > Is there a usable version of Squid 3 out yet? > > Thanks again for your support > greetz > Sebastian Nell > > > > > > > Henrik Nordstrom <[EMAIL PROTECTED]> am 26.03.2003 12:42:46 > > An: [EMAIL PROTECTED] > Kopie: [EMAIL PROTECTED] > Thema: Re: [squid-users] Squid as SSL ReverseProxy - SSL Gateway or > however you wanna call it > > > Squid-2.5 does not support this out of the box. > > With the SSL update patch for Squid-2.5 it gets somewhat possible by > defining the internal server as a ssl enabled cache_peer (works with > most web servers) or using a redirector to rewrite the accelerated URLs > into https://... (works with all web servers) > > > Squid-3 will support such configuration directly, and is significantly > easier to configure than Squid-2.5 + ssl_update. > > > In both cases the https:// request is proxied by Squid, meaning that > there is one SSL tunnel between the client and Squid, and another SSL > tunnel between Squid and the web server, with Squid decrypting and then > re-encrypting the traffic in the middle. > > If what you want is a SSL tunnel between the client and the internal > server then you need to use a tcp plug or port forwarding. > > Regards > Henrik > > > ons 2003-03-26 klockan 09.58 skrev [EMAIL PROTECTED]: > > Hi! > > > > I have been reading through this mailing list quite a while and have > > stumbled over a lot of > > Posts concerning Squid and SSL but not an answer to what I really need. > > What I need is a SSL Connection on both sides of Squid > > > > Client < -----SSL---- > Squid < ----- SSL ----- > Internal Server > > > > I know that this question has been ask quite often and there where People > > who said > > it works some said it doesn?t but there has never been a "real" answer > or > > an example > > concerning whether it is possible or not! > > > > My Squid.conf looks like this (using Squid 2.5 stable1): > > > > http_port 172.16.3.131:80 > > https_port 172.16.3.131:443 cert=squid_cert.pem key=squid_key.pem > > ... > > acl all src 0.0.0.0/0.0.0.0 > > acl manager proto cache_object > > acl localhost src 127.0.0.1/255.255.255.255 > > acl to_localhost dst 127.0.0.0/8 > > acl allowed_hosts src 192.168.1.1/255.255.255.0 > > acl SSL_ports port 443 563 > > ... > > acl CONNECT method CONNECT > > ... > > redirect_rewrites_host_header off > > > > > > http_access allow manager localhost > > http_access deny manager > > http_access allow allowed_hosts > > http_access deny all > > http_access allow CONNECT !SSL_ports > > http_access allow CONNECT > > ... > > acl our_networks src 192.168.1.0/24 192.168.4.0/24 > > http_access allow our_networks > > http_reply_access allow all > > ... > > httpd_accel_port 443 > > httpd_accel_host virtual > > httpd_accel_single_host off > > httpd_accel_with_proxy off > > httpd_accel_uses_host_header on > > .... > > > > And at my /etc/hosts I added an entry > > > > 192.168.1.10 localserver > > > > When I try to access localserver through Squid and https I get the error > > Message > > "Error- Bad Request This web server is running in SSL mode. Try the URL > > https:://pc352:443/ instead." > > > > pc352 is the computer name of localserver. > > > > How to I get SSL to work from Squid to the localserver? > > > > I would be more than thankful if someone could help me out on this one! > > > > THX > > > > Sebastian > > > > ******************************************* > > Beratungsgesellschaft > > Software Systemplanung AG > > Gesch�ftssitz Mainz > > Niederlassung Rhein/Main > > Robert-Koch-Stra�e 41 > > 55129 Mainz > > Phone: 06131 914-0 (-166), Fax -400 > > E-Mail: [EMAIL PROTECTED] > > web: www.bgs-ag.de > > ******************************************** > -- > Henrik Nordstrom <[EMAIL PROTECTED]> > MARA Systems AB, Sweden > > -- Henrik Nordstrom <[EMAIL PROTECTED]> MARA Systems AB, Sweden
