Hi Henrik
Thanks very much for your prompt reply which got me onto the right
track.
On Tue, 2007-05-22 at 00:30 +0200, Henrik Nordstrom wrote:
> tis 2007-05-22 klockan 10:02 +1200 skrev Grant McLean:
> > Hi All
> >
> > I'm setting up Squid for the first time, in accelerator mode in front of
> > an Apache/mod_perl app. Squid is listening on both port 80 (HTTP) and
> > port 443 (HTTPS). The basics (including SSL cert stuff) are working but
> > I've hit a bit of a road block.
> >
> > Is there any way to tell that a particular request came in on the SSL
> > port?
>
> Yes.
>
> To have this forwarded to the backend server see the front-end-https
> cache_peer option.
>
> To detect this within Squid see the myport acl, or alternatively the
> proto acl (but see below).
This response left me quite confused until I realised my main problem
was that I was using the packaged binary of Squid in Debian Sarge
(2.59). Things have obviously changed a lot since that version - the
most obvious thing being that accelerator mode is now configured via
cache_peer rather than httpd_accel_host.
I had to rebuild the package to enable SSL support so it was just as
easy to build the Etch package (2.65) instead. With that in place and
applying your advice, I now have my redirector processes happily
detecting insecure requests for secure data and issuing redirects.
Thanks again
Grant
Received on Wed May 23 2007 - 15:15:22 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT