On Tue, 23 Mar 2004, Emre CELEBI wrote: > Configuration Summary: > > 1- squid as a reverse proxy in dmz also configured for ssl support.
Ok. > 2- Web server (Unfortunately IIS cause of some fancy !!! vb/java script > programs) in the internal network to serve for both outside clients and > for internal clients.Some directorys on web publishing requie ssl > connection. this is a must. Then you need Squid-3, or if you are lucky you can surive with Squid-2.5 + SSL update patch. Squid-2.5 as distributed can not initiate SSL connections. > Question: Is there a way (like ssl tunneling?? dont know how to just know > about concept) to make squid connect to web server with ssl so that both > outside and inside clients use ssl to web server pages which setup with > ssl? You can use port forwarding / NAT to directly forward any requests for the https port to your web server without going via Squid. You obviously don't get the benefit if Squid access controls & logging when doing this, but instead gain full SSL capabilities including client certificates etc.. Regards Henrik
