AW: [squid-users] HTTP/1.1 reverse Proxy over SSL?

Thu, 02 Oct 2003 07:46:43 -0700 

I got this to work using virtual ips,  a redirector, and the cache peer statements. 


cache_peer server1.wherever.org parent 80 443 no-query front-end-https=on
cache_peer server2.wherever.org parent 80 443 no-query front-end-https=on
never_direct allow all
acl acl1 dstdomain server1.wherever.org
cache_peer_access server1.wherever.org allow acl1
cache_peer_access server1.wherever.org deny all
acl acl2 dstdomain server2.wherever.org
cache_peer_access server2.wherever.org allow acl2
cache_peer_access server2.wherever.org deny all
redirect_program /opt/scripts/redirector.pl

httpd_accel_single_host off

#### here's the redirector- don't know if all of this is really necessary

#!/usr/bin/perl
    $|=1;
    while (<>) {
        open (INPUT,">>/tmp/input");
        printf INPUT;
        [EMAIL PROTECTED]://[EMAIL PROTECTED]://server1.wherever.org@;
        [EMAIL PROTECTED]://[EMAIL PROTECTED]://server1.wherever.org@;
        [EMAIL PROTECTED]://[EMAIL PROTECTED]://server1.wherever.org@;
        [EMAIL PROTECTED]://[EMAIL PROTECTED]://server2.wherever.org@;
        print;
        open (OUTPUT,">>/tmp/output");
        printf OUTPUT;
    }

Hope this helps,

David

-----Original Message-----
From:   mailinglists [mailto:[EMAIL PROTECTED]
Sent:   Thu 10/2/2003 6:55 AM
To:     Markus Gaugusch; [EMAIL PROTECTED]
Cc:     
Subject:        [MAYBE STA SPAM] AW: [squid-users] HTTP/1.1 reverse Proxy over SSL?


Hi

I know that Squid 2.5 doesn't support host headers if used in a ssl environment as 
yours. 
What you intend to do can be done if you use 1 squid box per 1 M$ www box. 
However I unfortunately can't say anything about Squid 3.0.

Philipp

> Unfortunately, my squid setup still doesn't work. I'll describe the 
> scenario more detailed:
> We have several official ip's that we want to map 1:1 to 
> internal (M$) 
> Servers. Squid should terminate the SSL tunnel.
> 
> INET<->Official-IP1:443<->Squid<->InternalServer1:80
> INET<->Official-IP2:443<->Squid<->InternalServer2:80
> 
> So I really just want an 1:1 mapping, but squid doesn't allow 
> to be run 
> more than once (tried it), and with my current configuration 
> it always 
> uses the first cache_peer :-(
> 
> I don't mind if I have to use Squid-3.0-PRE version or a 
> stable. I just 
> want it to work ...
> 
> thanks for any hint!!
> Markus
> 
>

Reply via email to