On Mon, 13 Dec 2004, Ow Mun Heng wrote:
Right, exactly as I thought. hence, I presume, with the SSL update, then squid can actually use the generated server-side cert and encrypt the request to be forwareded to the backend server.
Yes, but you still won't be able to use (browser) client certificates to authenticate to the backend servers.
To use client certificate based authentication the end-user client must talk SSL directly to the server it is supposed to authenitcate to, not a surrogate inbetween.
(hmm.. Now, I need to figure out if Fedora's RPMS are patched for SSL, not that I need it though)
They are not patched with the SSL update, for good reasons.
Regards Henrik
