What I think you want is Squid as an SSL Accelerator, and the Webserver on the back end running unsecure.
Load the Cert and Key in the squid.conf, squid -k reconfigure, and run from there. See also FAQ Section 19. Brian Peterson If it's there and you can see it - it's REAL If it's there and you can't see it - it's TRANSPARENT If it's not there and you can see it - it's VIRTUAL If it's not there and you can't see it - it's GONE > -----Original Message----- > From: Kent, Mr. John (Contractor) [mailto:[EMAIL PROTECTED] > Sent: Friday, February 06, 2004 5:32 PM > To: Henrik Nordstrom > Cc: Squid_Users (E-mail) > Subject: [squid-users] RE: Squid Accelerator and SSL > > > Greetings, > > I downloaded and installed Squid3.0 and it works! > > I can redirect to a backend server running https and the > web pages come up fine. > > The problem I now have is that the accelerator works > perfectly and hides > the fact that the client is connecting to an https server. > > Somehow I don't think that's what I want. > > Is there a way to hide all redirections from the clients > browser's except those > going to an https server? > > Doesn't the Client need to "see" https in the URL in order to > securely transmit a > password for instance? > > I guess the only way to handle this is to have a hyperlink on > a page directly to > the https server and bypass Squid altogether. > > If this shows a gross ignorance of the process, I confess. > Perhaps someone can set me straight. > > Thank you, > John Kent > > > -----Original Message----- > From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] > Sent: Friday, February 06, 2004 9:44 AM > To: Kent, Mr. John (Contractor) > Cc: Squid_Users (E-mail); Henrik Nordstrom (E-mail) > Subject: Re: Squid Accelerator and SSL > > > Squid-2.5.STABLE can not initiate SSL connections, only accept SSL > connections. > > To initiate SSL connections you need the SSL update patch from > devel.squid-cache.org, or Squid-3. > > Regards > Henrik > > On Fri, 6 Feb 2004, Kent, Mr. John (Contractor) wrote: > > > > > Greetings, > > > > I am using Squid as a front-end accelerator on top of a server farm. > > Wanted to re-direct to an https enabled Apache Server. > > Squid is in a "DMZ" and talks to the server farm through a firewall. > > The Apache server was set up independently of Squid, by which I mean > > I created the keys and certificates for it only. > > > > It works fine when accessed directly. > > > > Per the FAQ, I rebuilt my Squid enabling ssl > > > > ./squid -v now gives =3D > > >Squid Cache: Version 2.5.STABLE4 > > configure options: --prefix=3D/users/webuser/www_squid = > > --enable-storeio=3Ddiskd,ufs --enable-ssl --with-openssl=3D/usr/lib > > > > When the redirection occurs get the following error page from Squid: > > > > ERROR > > The requested URL could not be retrieved > > > > While trying to retrieve the URL: = > > <https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxl>=20 > > The following error was encountered:=20 > > * Unsupported Request Method and Protocol=20 > > Squid does not support all request methods for all access > protocols. For = > > example, you can not POST a Gopher request.=20 > > > > Clicking on the "trying to retrieve" URL above works fine. > > > > Any suggestions? > > > > Obviously I'm missing a great deal here. > > If there is more information that I have failed to read, I > accept all > > criticism, but would appreciate the link to > > the applicable reference. > > > > Thank you, > > > > John Kent > > Webmaster > > Naval Research Laboratory > > Monterey, CA > > http://www.nrlmry.navy.mil > > > > > > >
<<attachment: winmail.dat>>
