For SSL between the authenticator and the LDAP server you could use
something like stunnel (www.stunnel.org). I don't think there's much
you can do for traffic between the browser and squid. At least not
without a great deal of work.
Henrik Nordstrom wrote:
>
> The request browser->squid cannot be SSL/TLS encrypted due to lack of support
> for SSL/TLS encrypted proxies in all known browsers.
>
> Squid-2.5 supports SSL/TLS encryption of the proxy service, but without
> support in the browsers it is not of much help.
>
> Encryption Squid -> LDAP server is a matter implementing the needed SSL/TLS
> support in squid_ldap_auth. Should be quite trivial to add I think, but I
> have not yet looked at doing so as I have not needed it in our products.
>
> Regards
> Henrik
>
> On Wednesday 12 December 2001 20.36, Michael Cunningham wrote:
>
> > I am using the ldap authenticator that is part of
> > squid 2.4.stable3. It is working well. I would like to
> > set it up to use ssl or tls to access the ldap server
> > so my passwords are encrypted as they travel over the
> > lan. Does squid support this? If not.. are there plans
> > to make it suppport this? Does anyone know of another
> > way to tunnel squid auth requests over ssl?
>
> --
> MARA Systems AB
> Giving you basic free Squid support
> Priority support or Squid enhancements available on request
-- Jim Richey jrichey@highmark.com Highmark, Inc. http://www.highmark.comReceived on Wed Dec 12 2001 - 13:19:13 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:19 MST