Re: [squid-users] Secure acceleration

From: Ben Sagal <bmsagal@dont-contact.us>
Date: Mon, 5 Dec 2005 18:48:29 +0200

You miss understood me, I know all communication from the squid to the
backend is unencrypted. What I want is for squid to log weather to
client web browser connected to the http port or the https port of
squid this information to be sent to the redirector.

Ben

On 05/12/05, Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote:
> On 05.12 15:08, Ben Sagal wrote:
> > I have a squid server, I is currently setup to accelerates both normal
> > and ssl pages. I have a redirector running and deepening on which page is
> > requested it rewrites the address for the relevant server.
> >
> > I would like the redirector to also be able to differentiate between
> > http and https pages, ie. the redirector could send
> > http://mydomain.com/index.html and https://mydomain.com/index.html to
> > different pages/servers. Is there any way to adjust squid sop that
> > the URL that is sent to the redirector (and stored in the logs)
> > reflects if the client connected to the standard port of the ssl port.
>
> don't you trust the network between squid and servers? Note that security of
> connections is already lower because squid can see the content. Also server
> won't see real clients' sertificates...
>
> However, for this kind of setup you need squid-3.0, or the squid SSL patch -
> squid 2.5 can't behave as https client.
>
> --
> Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Remember half the people you know are below average.
>
Received on Mon Dec 05 2005 - 09:48:33 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST