I would like to do that too, but it is my understanding that it can't be
done in Squid (someone tell me that I'm wrong!)
In your case could you run SSL on the Internal Target Sites too? I think
Squid can do that.
Or require that your users have IE and a Microsoft OS then you can use NTLM
authentication, which is (more) secure.
What I wanted to do is let outside users authenticate to Squid then relay
traffic through our IP address space to 3rd party websites that require
IP-authentication. I think I am out of luck so far as SSL.
There is a open source product that claims to do the SSL translation you
want, called DeleGate, http://www.delegate.org/delegate/ which I have not
used myself.
Steve Hunt
> -----Original Message-----
> From: Kieran Skinner [mailto:kieran.skinner@xal.co.uk]
> Sent: Thursday, March 15, 2001 7:32 AM
> To: squid-users@ircache.net
> Subject: [squid-users] SSL Acceleration
>
>
> Hello,
>
> I would like to use squid as an external front end to a
> series of Internal
> sites. Where the external client authenticates to the squid
> server and the
> squid server then does some trickery to display internal
> content. Obviously
> I am not to keen on sending pretty much (near as damn it) clear text
> username and password across the Internet so would like to use SSL for
> Client to SQUID communications.
>
> i.e.
>
> Client ======> External Visible Squid Accelerator =========> Internal
> Target Site
> SLL NO SSL
>
> The connection between the SQUID server and the target server
> does not use
> SSL. Only the connection between the client and the squid
> server would use
> SSL. The only reason I want to use SSL between the Client
> and the Squid
> server is to encrypt the username and password.
>
>
> I already have it working fine without the SSL piece of the
> puzzle, is the
> SSL piece possible, how?
>
>
> Thanks
>
> Kieran Skinner
>
Received on Thu Mar 15 2001 - 10:13:18 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:38 MST