RE: [squid-users] Re: Allow connect specify https website

From: Niti Lohwithee <nitil@dont-contact.us>
Date: Thu, 24 Jun 2004 08:30:57 +0700

Niti Lohwithee wrote:

> Now, I use the squid 2.5 stable1 . My requirements want
> everyone connect to ssl website namely
> https://sonic2.tac.co.th/bp3/bin/Index without a authentication. The
> default users must authenication using last rule of http_access. The
> below details configuration file of squid.conf

> [authen section]
> auth_param basic program /squid/bin/ncsa_auth /squid/etc/passwd
>
> [acl section]
> acl SSL_Ports 443
> acl host_allowed src "/squid/etc/host_allowed.txt"
> acl passwd proxy_auth REQUIRED
> acl special_domain dstdomain "/squid/etc/special_domain.txt"

The SSL_Ports acl is missing its type specification. It should be:

acl SSL_Ports port 443

> [http access section]
> http_access allow SSL_Ports special_domain
> http_access allow host_allow passwd
>
> File [special_domain.txt]
> .tac.co.th
> File [host_allow.txt ] = all Intranet ip address
>
> For this config, the squid still popup the user name and
> password for authentication. Is there something else I need to
> configure to allow for this to work?

Fix the SSL_Ports acl line. If it still doesn't work, post your entire
squid.conf (without blank lines or comments).

Adam

[Reply]

        I am really sorry for above squid configuration. In fact , My
squid box have a correct [acl SSL_Ports port 443] but http_access
don't work.

Any advice.

Regards and Thank you in advance
Niti :)
Received on Wed Jun 23 2004 - 19:29:27 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:03 MDT