On Mon, 13 Dec 2004, Ow Mun Heng wrote:
> Right, exactly as I thought. hence, I presume, with the SSL update, then
> squid can actually use the generated server-side cert and encrypt the
> request to be forwareded to the backend server.
Yes, but you still won't be able to use (browser) client certificates to
authenticate to the backend servers.
To use client certificate based authentication the end-user client must
talk SSL directly to the server it is supposed to authenitcate to, not a
surrogate inbetween.
> (hmm.. Now, I need to figure out if Fedora's RPMS are patched for
> SSL, not that I need it though)
They are not patched with the SSL update, for good reasons.
Regards
Henrik
Received on Mon Dec 13 2004 - 09:11:42 MST
This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:02 MST