-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Wednesday, August 25, 2004 5:30 PM
To: Brad Taylor
Cc: Henrik Nordstrom; squid-users@squid-cache.org
Subject: RE: [squid-users] SSL and Reverse Proxy
On Wed, 25 Aug 2004, Brad Taylor wrote:
> --- No, the client doesn't need anything other then to use https.
Then you are NOT using client certificates and no client certificates
should be specified in your squid.conf.
--- In a way Squid is a client of the backend server. I do want SSL to
the back end and not stopping at Squid.
> I think this could be the problem. I got the SSL working on a non
> asp site and it worked. So I know it is now the site but don't know
how
> I would fix this.
By making sure the application either knows its externally visible URL,
or
never sends redirects or renders absolute URLs.
> --- Here is log_mime_hdrs on, but not sure what it is telling me.
>
> 1093457746.469 27 192.168.60.154 TCP_MISS/302 495 GET
> http://dev2.autotask.com/ - DIRECT/192.168.60.100 text/html [Accept:
> image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> application/x-shockwave-flash, application/vnd.ms-excel,
> application/vnd.ms-powerpoint, application/msword,
> */*\r\nAccept-Language: en-us\r\nAccept-Encoding: gzip,
> deflate\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
> 5.1; SV1; .NET CLR 1.1.4322)\r\nHost: 192.168.60.129\r\nConnection:
> Keep-Alive\r\nCookie: CI=5\r\n] [HTTP/1.1 302 Object moved\r\nServer:
> Microsoft-IIS/5.0\r\nDate: Wed, 25 Aug 2004 18:15:50
> GMT\r\nX-Powered-By: ASP.NET\r\nConnection: keep-alive\r\nLocation:
> https://dev2.autotask.com/Default.asp?\r\nConnection:
> Keep-Alive\r\nContent-Length: 121\r\nContent-Type:
> text/html\r\nSet-Cookie:
> ASPSESSIONIDQCDCCCSA=BABPPHACPKANJHCBGINIBKLO;
> path=/\r\nCache-control: private\r\n\r]
This says that web server sent a redirect, directing the browser to
request "https://dev2.autotask.com/Default.asp?" instead of what it was
requesting.
If https://dev2.autotask.com/ is your externally visible URL for this
server (i.e. the URL which points to Squid) then this should be fine.
--- It works and I'm NOT redirected off https://dev2.autotask.com/ but
the TCP-MISS and DIRECT in the above log show that nothing is coming
from cache. I need the images to be cached. I've been reloading the
site but still going DIRECT.
Received on Wed Aug 25 2004 - 15:59:28 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT