I am kinda new to squid.  Been looking over the documentation and I just wanted 
a sanity check on what I am trying to do.

I have a web client that hits my squid server.  The squid connects to an apache 
server via ssl. 

Here are the lines of interest from my squid.conf for version 3.1.8

http_port 80 accel defaultsite=123.123.123.123
cache_peer 123.123.123.123 parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=apache1

The good news is, that works just as I hoped.  I get a connection.

But I am questioning the DONT_VERIFY_PEER.    Don't I want to verify peer?

I simply hacked up a self-signed cert on the apache server.  Installed mod_ssl 
and restarted apache and everything started to work on 443. 

On the command line for the squid server I can curl the apache box with:

curl --cacert  _the_signed_cert_from_the_apache_node_ https://apache.server

Is there a way with sslcert and sslkey to set up a keypair that will verify?  Do 
I need a signed cert?

I tried to add the cert and key to the cache_peer line in the config.  Squid did 
restart.  But no connection.  Why would curl work but not squid?

-- 
-Dean
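
Added example, not part of the original post: the cache_peer line from the message next to a variant that verifies the origin's self-signed certificate instead of skipping the check. The certificate file path is an assumed placeholder and apache.server is the host name taken from the curl command in the post; sslcafile= and ssldomain= are cache_peer options documented for Squid 3.1.

```conf
# Before (from the post): TLS to the origin, but the peer certificate is never checked,
# so any host answering on 123.123.123.123:443 is accepted.
# cache_peer 123.123.123.123 parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=apache1

# After: verify the peer.
#
# sslcafile=  PEM file of certificates squid trusts when verifying the peer.
#             A self-signed certificate is its own trust anchor, so this is the
#             same file that was passed to "curl --cacert".
#             (The path below is an assumption; use wherever the copy is stored.)
#
# ssldomain=  Name expected in the peer certificate. Without it squid compares
#             the certificate against the cache_peer host, which here is an IP
#             address, while curl was pointed at the host name apache.server.
#             (Assumes the certificate was issued for that name.)
#
# sslcert= / sslkey= are the client certificate and key squid presents TO the
# peer. They play no part in deciding whether the peer's certificate is trusted.

http_port 80 accel defaultsite=123.123.123.123
cache_peer 123.123.123.123 parent 443 0 no-query originserver ssl sslcafile=/etc/squid/apache1-cert.pem ssldomain=apache.server name=apache1
```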
