[squid-users] RE: Squid Accelerator and SSL
I downloaded and installed Squid3.0 and it works!
I can redirect to a backend server running https and the
web pages come up fine.
The problem I now have is that the accelerator works perfectly and hides
the fact that the client is connecting to an https server. =20
Somehow I don't think that's what I want.
Is there a way to hide all redirections from the clients browser's =
going to an https server?
Doesn't the Client need to "see" https in the URL in order to securely =
password for instance?
I guess the only way to handle this is to have a hyperlink on a page =
the https server and bypass Squid altogether.
If this shows a gross ignorance of the process, I confess.
Perhaps someone can set me straight.
From: Henrik Nordstrom [mailto:firstname.lastname@example.org]
Sent: Friday, February 06, 2004 9:44 AM
To: Kent, Mr. John (Contractor)
Cc: Squid_Users (E-mail); Henrik Nordstrom (E-mail)
Subject: Re: Squid Accelerator and SSL
Squid-2.5.STABLE can not initiate SSL connections, only accept SSL=20
To initiate SSL connections you need the SSL update patch from
devel.squid-cache.org, or Squid-3.
On Fri, 6 Feb 2004, Kent, Mr. John (Contractor) wrote:
> I am using Squid as a front-end accelerator on top of a server farm.
> Wanted to re-direct to an https enabled Apache Server.
> Squid is in a "DMZ" and talks to the server farm through a firewall.
> The Apache server was set up independently of Squid, by which I mean
> I created the keys and certificates for it only.
> It works fine when accessed directly.
> Per the FAQ, I rebuilt my Squid enabling ssl
> ./squid -v now gives =3D3D[color=green]
> >Squid Cache: Version 2.5.STABLE4[/color]
> configure options: --prefix=3D3D/users/webuser/www_squid =3D
> --enable-storeio=3D3Ddiskd,ufs --enable-ssl =[/color]
> When the redirection occurs get the following error page from Squid:
> The requested URL could not be retrieved
> While trying to retrieve the URL: =3D
> The following error was encountered:=3D20
> * Unsupported Request Method and Protocol=3D20
> Squid does not support all request methods for all access protocols. =[/color]
> example, you can not POST a Gopher request.=3D20
> Clicking on the "trying to retrieve" URL above works fine.
> Any suggestions?
> Obviously I'm missing a great deal here.
> If there is more information that I have failed to read, I accept all=20
> criticism, but would appreciate the link to
> the applicable reference.
> Thank you,
> John Kent
> Naval Research Laboratory
> Monterey, CA