Derek, Thanks for the response. In your conf, it seems that you are communication with the exchange server via ssl port 443. I want squid to listen on 443 with https then retrieve the pages from exchange on 80 with http. I understand this is a major reason to use the pre-release of version 3.
Is this how I would do that?: https_port 3129 accel defaultsite=exchange.domain.com cert=/usr/local/squid/etc/squid.pem protocol=http cache_peer exchangeIP parent 80 0 no-query originserver front-end-https=on login=PASS name=exchange-https Alex -----Original Message----- From: Derek Winkler [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 09, 2004 1:34 PM To: [EMAIL PROTECTED] Subject: RE: [squid-users] Noob - OWA - Squid3 - SSL Remember externally for testing exchange.domain.com should point to the squid server, the squid server itself should be able to resolve exchange.domain.com to the actual owa server. For testing you can make an entry in your workstation host file to point exchange.domain.com to the squid server. The squid server will actually listen on port 443, no need to specify port. This is important since the OWA server doesn't specify a port. Here's my config which worked. visible_hostname whatever.domain.com cache_mgr [EMAIL PROTECTED] https_port 443 cert=/opt/squid/etc/certificate.crt key=/opt/squid/etc/private.key cafile=/opt/squid/etc/cacert.crt defaultsite=exchange.domain.com cache_peer exchange.domain.com parent 443 0 no-query ssl proxy-only originserver login=PASS sslflags=DONT_VERIFY_PEER debug_options ALL,3 ssl_unclean_shutdown on acl owa-exchange urlpath_regex \/exchange(\/|$) acl owa-webid urlpath_regex \/WebID\/ acl all src 0.0.0.0/0.0.0.0 acl all-dst dst 0.0.0.0/0.0.0.0 acl owa-host dst XXX.XXX.XXX.XXX/255.255.255.255 http_access allow owa-host owa-exchange http_access allow owa-host owa-webid http_reply_access allow all-dst http_access deny all http_access deny all-dst > -----Original Message----- > From: Alex Zlaten [mailto:[EMAIL PROTECTED] > Sent: Wednesday, June 09, 2004 2:19 PM > To: [EMAIL PROTECTED] > Subject: [squid-users] Noob - OWA - Squid3 - SSL > > > Hi, > I have been working with squid 3 for a few days now, I don't want to > bother you guys with questions that have already been answered a > million times but here goes. > Is there a good post of a squif.conf for using squid3 as an SSL > front-end? > > Does the URL in the browser have to be the FQDN of the exchange server > or does squid take care of the url translation? > Example: > > Squid server: https://10.0.0.1:3129 > Exchange server (from https_port in conf): exchange.domain.com > > Can I go to https://10.0.0.1:3129/exchange to communticate with > http://exchange.domain.com/exchange ? Or do I have to have DNS point > to my squid server as exchange.domain.com? > > Here is the changes to the default squid.conf I am using: > > https_port 3129 accel defaultsite=exchange.domain.com > cert=/usr/local/squid/etc/squid.pem protocol=http cache_peer > exchangeIP parent 80 0 no-query originserver front-end-https=on > login=PASS name=exchange-https cache_peer_access exchange-https allow > http always_direct allow all acl http proto http cache_peer_access > exchange-https allow http > > Currently, if I go to https://10.0.0.1:3129 I get whatever is in the > root of my exchange server (iis Under construction) If I go to > https://10.0.0.1:3129/exchange, I get the Basic Authentication Login. > After entering the login is says I'm leaving secure connection then I > get page cannot be displayed. > > Thank you for any help. > Alex Zlaten > > >
