This is a multi-part message in MIME format.

------=_NextPart_000_06BF_01C3ECDA.94E1D680
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

What I think you want is Squid as an SSL Accelerator, and the Webserver on
the back end running unsecure.

Load the Cert and Key in the squid.conf, squid -k reconfigure, and run from
there.

See also FAQ Section 19.

Brian Peterson
If it's there and you can see it - it's REAL
If it's there and you can't see it - it's TRANSPARENT
If it's not there and you can see it - it's VIRTUAL
If it's not there and you can't see it - it's GONE

> -----Original Message-----
> From: Kent, Mr. John (Contractor) [mailto:kent@nrlmry.navy.mil]
> Sent: Friday, February 06, 2004 5:32 PM
> To: Henrik Nordstrom
> Cc: Squid_Users (E-mail)
> Subject: [squid-users] RE: Squid Accelerator and SSL
>
>
> Greetings,
>
> I downloaded and installed Squid3.0 and it works!
>
> I can redirect to a backend server running https and the
> web pages come up fine.
>
> The problem I now have is that the accelerator works
> perfectly and hides
> the fact that the client is connecting to an https server.
>
> Somehow I don't think that's what I want.
>
> Is there a way to hide all redirections from the clients
> browser's except those
> going to an https server?
>
> Doesn't the Client need to "see" https in the URL in order to
> securely transmit a
> password for instance?
>
> I guess the only way to handle this is to have a hyperlink on
> a page directly to
> the https server and bypass Squid altogether.
>
> If this shows a gross ignorance of the process, I confess.
> Perhaps someone can set me straight.
>
> Thank you,
> John Kent
>
>
> -----Original Message-----
> From: Henrik Nordstrom [mailto:hno@squid-cache.org]
> Sent: Friday, February 06, 2004 9:44 AM
> To: Kent, Mr. John (Contractor)
> Cc: Squid_Users (E-mail); Henrik Nordstrom (E-mail)
> Subject: Re: Squid Accelerator and SSL
>
>
> Squid-2.5.STABLE can not initiate SSL connections, only accept SSL
> connections.
>
> To initiate SSL connections you need the SSL update patch from
> devel.squid-cache.org, or Squid-3.
>
> Regards
> Henrik
>
> On Fri, 6 Feb 2004, Kent, Mr. John (Contractor) wrote:
>
> >
> > Greetings,
> >
> > I am using Squid as a front-end accelerator on top of a server farm.
> > Wanted to re-direct to an https enabled Apache Server.
> > Squid is in a "DMZ" and talks to the server farm through a firewall.
> > The Apache server was set up independently of Squid, by which I mean
> > I created the keys and certificates for it only.
> >
> > It works fine when accessed directly.
> >
> > Per the FAQ, I rebuilt my Squid enabling ssl
> >
> > ./squid -v now gives =3D
> > >Squid Cache: Version 2.5.STABLE4

> > configure options: --prefix=3D/users/webuser/www_squid =
> > --enable-storeio=3Ddiskd,ufs --enable-ssl --with-openssl=3D/usr/lib
> >
> > When the redirection occurs get the following error page from Squid:
> >
> > ERROR
> > The requested URL could not be retrieved
> >
> > While trying to retrieve the URL: =
> > =20
> > The following error was encountered:=20
> > * Unsupported Request Method and Protocol=20
> > Squid does not support all request methods for all access

> protocols. For =
> > example, you can not POST a Gopher request.=20
> >
> > Clicking on the "trying to retrieve" URL above works fine.
> >
> > Any suggestions?
> >
> > Obviously I'm missing a great deal here.
> > If there is more information that I have failed to read, I

> accept all
> > criticism, but would appreciate the link to
> > the applicable reference.
> >
> > Thank you,
> >
> > John Kent
> > Webmaster
> > Naval Research Laboratory
> > Monterey, CA
> > http://www.nrlmry.navy.mil
> >
> >
> >

>


------=_NextPart_000_06BF_01C3ECDA.94E1D680
Content-Type: application/ms-tnef;
name="winmail.dat"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="winmail.dat"

eJ8+IiwBAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAA DoAAEIgAcAGAAAAElQTS5NaWNy
b3NvZnQgTWFpbC5Ob3RlADEIAQ2ABAACAAAAAgACAAEGgAMADg AAANQHAgAGABEAOAAAAAUAMQEB
A5AGAPwMAAAlAAAACwACAAEAAAALACMAAAAAAAMAJgAAAAAACw ApAAAAAAADAC4AAAAAAAMANgAA
AAAAHgBwAAEAAAAsAAAAW3NxdWlkLXVzZXJzXSBSRTogU3F1aW QgQWNjZWxlcmF0b3IgYW5kIFNT
TAACAXEAAQAAABYAAAABw+0dogENopWvOclEX6XAnpZiYu4bAA ACAR0MAQAAABkAAABTTVRQOkJQ
RVRFUlNPTkBQQUlDTC5DT00AAAAACwABDgAAAABAAAYOAHi2iB 3twwECAQoOAQAAABgAAAAAAAAA
UxQY6O6p1BGxfQABAmMUvMKAAAADABQOAQAAAAsAHw4BAAAAAg EJEAEAAAADCQAA/wgAANMRAABM
WkZ1nQVN5QMACgByY3BnMTI14jIDQ3RleAVBAQMB9/8KgAKkA+QHEwKAD/MAUARWPwhVB7IRJQ5R
AwECAGNo4QrAc2V0MgYABsMRJfYzBEYTtzASLBEzCO8J97Y7GB 8OMDURIgxgYwBQMwsJAWQzNhZQ
C6YgV0MT4AVASSB0aAuAa+QgeQhgIHcAcAVABACBBgBxdWlkIG EEIBEDkVNTTBDAY2Nl7mwEkB0Q
BbAsHwEewB1gkmUc4GViFBBydhKBewIgIINiANAdoAnwHsByxH VuAwBuZyAigBQQcmMIcGUuCqIK
hAqATHRvYSB0QwSQBUAgUkusZXkeQCGEcx6SLgWgzG5mIDAmEy AtHaAYILkmcmlnI0EgNCJxIANS
HyCCI10GYCCwB0BzbyCIRkFRBlFjdGkhcbQxOSN7QgchA6BQFC BPBJAqgAuQI5NJZh5AdN4nBCAp
AyBDHcJjA5EUEGsgsC3QIC+kLS+kLdNS3EVBH2AtTy5cJwVAL0 kBMBpUUkFOU1BByTDQTlQxHW5v
BUAyD4MvODAaVklSVFUw/4c2XzLcMBpHT05FMRWtI4Q+JyA+Qk8FEGcLgIcHQAXQB5BzYWd lPkN1
PcZGA2E6JVECMCAwTUByLiBKb2gDoCgfCFACMB/gKxAFsCkgWycAwAMQIAA6a0DRQG5Acmxtcnku
PuB29UOgbQMQXT3GBmACMECg00BgHrBheSAwRiDgInAzCsAlgD A2IDAB0DA0kCA1OjMUQFBNPcZy
VELgIEgJ8AUQHaBOOQWwZHNB8ANwPcZDYzNAoB6DX1UhAQQgKE WKLUKSKURXdWJqKwGlQKBbJhMt
dUoyXTDBv0mlH3ogQx9BPcZOzkcJ0TMrICLAcyxOzh1AZG/8d24XsCRgCYAgQwuASLDPB0AfwE5x
HpIzLhZQUrPFBUB3BbBrcyFQ7y7z3RghaSdhOoEqkGEh0yIy6y EFInZoAkBwHvIgcz3G+ncg4CAK
sD9wBCAFoAeAvSLgcCigC4AjZk8oVCCh9nADYAJgZSjgHUA6YA fg/xPgITAeQh1gHREgkgDQTbir
VJNPN3AEkGYrAWwlgLcgUh1wAQBzPcYgkmZCEfld+GNsCJAeJC ZxWzArEX8iwVbiA6BYpCEEQUBP
P1P9WqFoXVFR4jMCHWReAjHR7ncdBB4CW19JMecd8SWA/1bhYRIqUQMgVlYrMQQgKLb/YvVfmEXQ
UhAhATHRDsAfoJsFMR1gbxQQPcZnb2Qf5SETP07ORG8HkGdkJL GvYxRbMFKBVuEiL0EiWJX5JaVV
Uh9gJaFIgRKBVuH/PcYjFGChQfEAgEQQJQFfqL8e4APgSIEooAWxUvNuH6D/ca8dQCfQPzEggwIg
YKFq5v8gUR/AHVJ1ATHhfJJdoVcQ/Gh5YDFjEB2RIXE9xlcQ/1oyUfBWg3dydnggkmS6IEP+Yn5Q
eOEedkLBP3ApAmkv+zGBfSNzZuEe8XAQA2AEEf8nwDpgd7EfoC FghSJcgx+gfwQQIDBV8SaBPzGE
ByzAcv8T4GTiWqECIGLhLxMFQFqx+0ixC3BnWKCED1xgAHAdo/9Q10FjQMJOzz3fPu8/+0gO80J3
QYBvQEwkLwAT0CNgHQWwZ0RPRV9GZTk6NH1GsEFHO0DPQdhJD0 odO+eSH0p/S4dSZU0fTi+OnwEe
gy0yLjUuU1T4QUJMPUAvAjpiC4AxsP8HMA6wHzNjpmxxIDB781 6S/wUxH0KPJqTJi29HwKPvpPb/
HbNz5CChH0Ja4JYAqWEKsD50E9Aoo48mAQAhMGwuf5P9pXEFwK JkU+Cg7p8QZ+8LEWFXSASg7k8D
oJXRIDC+NpZCRnMgMJivQdl3A2B9DrA6oO62alBPtvsdQGG/KOBMgCKyHogoogIwLSIy+16aIXJv
WvCHEVcQIQViIOxyba9Hj4BXHhF0BBggvi1WeWSWCfABoFNSQQ qw/5RxBlJlQrhoHoR9QgOgVxDw
IkRNWnSgIFMHQF+B31bhJdO9OB1RA2B1izC60v9WgR4AU0C92V xiwQUhBR4A/2TyBUBa4QuAAQBg
MMlBAjD/YKGHER6DIDCCkGhhDeCsUP8dQAeAAHC5CgUAy3C+syCh/UMAeVjkH6AAIAaQDeCpUf9s
kXlyBUB78r3ZuQlUdVsD/2hhCfBegwQQUoGABs8/tuLfiTEggyqxh/IYIGIeoELA/4qgJYAehMCD
IrIEEBgA0u/pj4AuLybVdi+gXUKQIKMhMAQgPTNE1tg+HoR2Q5RimIBWLPErM qLINP/W2CeHIWAF
MGximICPkVygqQEQaXjZcS9Mgy9Z8ddMgt9A39BfJtQ91tiPoO 3AhC1IsAWwZSsw2XFWcPRza8qA
dQPQ4RnWsI+R+wPwHWAtvKAJ8Nah3rTfsP9jEAww1u++YdFyIJ Jr6SFg/x+QCHAEIIOhYdQG8Bew
A/D/IsEEkANgBcB/syizHoO198G2akVSUk9SxswYIJ8ekAeQvrJ1kgWgdWwewP06Ym LnAkHwCJAh
MAsx6v//HOEDEH0BQ5BwRe72dUaYgIXgeTxYozovL3j0L+P1P/VxbD49DAHG2+jeX8iCCfDuIb6h
GCE69qsq7wyCdYAAgFrgcBfBUoGfEO/tY5Bxb1FSlFC1sYegBvD/9qsehFIAB5E6YvsFa5X7xP8H
gPxCzmRrotG0X6j85YiQ/yqgBbHgeQ7AucALUCgBNzbZOmJQT6MAVwFHvKApEf3tNi72qwb Ic3Ei
ACKyIXXeIvEvdJF1kgygb12h0Liz0s+24kFuRiD7AGdaUcdsU3 ontmpPYnYrMEyA+WChSSco4EQQ
AZAisoXy/8yBrSGQUSkZuWOHIzbBHlH/FWASoiaQrqCcACsjXgMdQP9dg2Ig8OG+1SRgh/J/F6X0
r2ui3FmQACsgYx5QbcqR/nVUcu5CiXDeURgQqVIgkv9+kyAADeheU/sgCBHjMidR/2Bg+XB58Quf
xySMnrZqjZ+vvmHVEJwA7ZFyHohOfeDfkFGfEG+AsICsQUwKka ATOnkeiE1B0WqBliFDQf8eiFii
8/Hf0UOwQ2wejyfPBaEofSogAB4AQhABAAAAQgAAADw5OUI3QkJE NjExRUVDMDQ3QjkyNkVDRjE4
OUU3Mzc3ODY5RjRENEB6ZXVzLncyay5ucmxtcnkubmF2eS5taW w+AAAAAwAJWQEAAAADAACACCAG
AAAAAADAAAAAAAAARgAAAAAQhQAAAAAAAAsAA4AIIAYAAAAAAM AAAAAAAABGAAAAAAOFAAAAAAAA
AwAIgAggBgAAAAAAwAAAAAAAAEYAAAAAUoUAAHN5AQAeAAmACC AGAAAAAADAAAAAAAAARgAAAABU
hQAAAQAAAAQAAAA5LjAACwAKgAggBgAAAAAAwAAAAAAAAEYAAA AABoUAAAAAAAADAAuACCAGAAAA
AADAAAAAAAAARgAAAAABhQAAAAAAAAsAFIAIIAYAAAAAAMAAAA AAAABGAAAAAA6FAAAAAAAAAwAV
gAggBgAAAAAAwAAAAAAAAEYAAAAAEYUAAAAAAAADABeACCAGAA AAAADAAAAAAAAARgAAAAAYhQAA
AAAAAAIB+A8BAAAAEAAAAFMUGOjuqdQRsX0AAQJjFLwCAfoPAQ AAABAAAABTFBjo7qnUEbF9AAEC
YxS8AgH7DwEAAABBAAAAAAAAADihuxAF5RAaobsIACsqVsIAAG 1zcHN0LmRsbAAAAAAATklUQfm/
uAEAqgA32W4AAABEOlxtYWlsLnBzdAAAAAADAP4PBQAAAAMADT T9NwAAAgF/AAEAAAAxAAAAMDAw
MDAwMDA1MzE0MThFOEVFQTlENDExQjE3RDAwMDEwMjYzMTRCQ0 M0RTU2OTAxAAAAAAMABhChFe+w
AwAHEHwKAAADABAQAAAAAAMAERAHAAAAHgAIEAEAAABlAAAAV0 hBVElUSElOS1lPVVdBTlRJU1NR
VUlEQVNBTlNTTEFDQ0VMRVJBVE9SLEFORFRIRVdFQlNFUlZFUk 9OVEhFQkFDS0VORFJVTk5JTkdV
TlNFQ1VSRUxPQURUSEVDRVJUQU5ESwAAAADkJQ==

------=_NextPart_000_06BF_01C3ECDA.94E1D680--