I got it working http_port 80 http_port 8080
https_port 443 cert=/usr/local/squid/ssl_gw.pem httpd_accel_host virtual httpd_accel_port 0 httpd_accel_with_proxy on httpd_accel_uses_host_header on The only issue is that with httpd_accel_host Virtual and httpd_accel_port 0, with accel port 0, the server on the back end still needs to listen to port 443, even through it's not doing the SSL encryption/decryption. If all the servers on the back end a just listening to port 80, then set the httpd_accel_port 80. With this scenario, httpd_accel_port 80, the squid will do the SSL encryption/decryption on port 443 (or what ever you set it to on the https_port in the config file) and send clear text to the back-end web servers over port 80. When you set the httpd_accel_port 0, it will forward the clear text to the back end server on whatever port the client came into the squid on. -Sean -----Original Message----- From: Markus Gaugusch [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 24, 2003 11:36 PM To: [EMAIL PROTECTED] Subject: [squid-users] HTTP/1.1 reverse Proxy over SSL? I'm using squid 3.0-PRE3 and would like to implement a reverse proxy that supports several back-end servers via HTTP/1.1. It works without SSL, but this is not what I need :) I know that the certificate will be wrong if I use this configuration, but this is just for internal use and I can generate a wildcard-certificate to reduce the number of warnings received by the user. If this is not possible with squid, I thought about terminating the SSL tunnel with stunnel and run squid on port 80 (or somewhere else, shouldn't matter), but this isn't a really clean solution, right? Markus -- _____________________________________________________ Markus Gaugusch eMail: [EMAIL PROTECTED] PDTS - Prozessdatentechnik und Systeme Gesellschaft fuer industrielle Datenverarbeitung GmbH A-1150 Wien, Moeringgasse 20 Tel.: +43-1-526 17 57/227 WWW: http://www.pdts.at
