RE: [squid-users] Configuring reverse proxy for both 80/443

From: Nick Duda <nduda@dont-contact.us>
Date: Wed, 5 Mar 2008 11:35:33 -0500

Still not working properly. Here is what my configuration looks like,
followed by what it is doing:

http_port 80 defaultsite=www.insideserver.com vhost
https_port 443 cert=/path/to/cert/example.crt
key=/path/to/key/example.key defaultsite=ssl.insideserver.com vhost
#
acl example_sites dstdomain www.insideserver.com ssl.insiderserver.com
acl example_ssl proto HTTPS
#
cache_peer 192.168.0.10 parent 443 0 no-query originserver ssl
name=example_ssl
cache_peer_access example_ssl allow example_sites example_ssl
#
cache_peer 192.168.0.10 parent 1080 0 no-query originserver
name=example_http
cache_peer_access example_http allow example_sites

I setup an entry in my host file:
68.x.x.x. www.insiderserver.com

I open IE and browse to www.insiderserver.com and it works, no problem
I browse to ssl.inisdeserver.com which is the same server as
www.insideserver.com but requires SSL to connect and IE just
spins....thinking over and over. I look at the access.log on the proxy
and over and over it keeps trying to make a connection, but its saying
example_http even though im trying for the SSL version

TCP_MISS/302 574 GET https://ssl.insideserver.com -
FIRST_UP_PARENT/example_http text/html
TCP_MISS/302 574 GET https://ssl.insideserver.com -
ANY_PARENT/example_http text/html
TCP_MISS/302 574 GET https://ssl.insideserver.com -
FIRST_UP_PARENT/example_http text/html
TCP_MISS/302 574 GET https://ssl.insideserver.com -
ANY_PARENT/example_http text/html
TCP_MISS/302 574 GET https://ssl.insideserver.com -
FIRST_UP_PARENT/example_http text/html
TCP_MISS/302 574 GET https://ssl.insideserver.com -
ANY_PARENT/example_http text/html
TCP_MISS/302 574 GET https://ssl.insideserver.com -
FIRST_UP_PARENT/example_http text/html
TCP_MISS/302 574 GET https://ssl.insideserver.com -
ANY_PARENT/example_http text/html

-----Original Message-----
From: Anthony Tonns [mailto:atonns@promotions.com]
Sent: Wednesday, March 05, 2008 10:44 AM
To: squid-users@squid-cache.org
Subject: RE: [squid-users] Configuring reverse proxy for both 80/443

You want something like this:

http_port 80 defaultsite=www.example.com vhost
https_port 443 cert=example.crt key=example.key
defaultsite=www.example.com vhost
#
acl example_sites dstdomain www.example.com example.com
acl example_ssl proto HTTPS
#
cache_peer 127.0.0.1 parent 1443 0 no-query originserver ssl
name=example_ssl
cache_peer_access example_ssl allow example_sites example_ssl
#
cache_peer 127.0.0.1 parent 1080 0 no-query originserver
name=example_http
cache_peer_access example_http allow example_sites

> -----Original Message-----
> From: Nick Duda [mailto:nduda@VistaPrint.com]
> Sent: Tuesday, March 04, 2008 5:11 PM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Configuring reverse proxy for both 80/443
>
> I seem to be stumped. I need to reverse proxy for one internal server
> that listens on both 80 and 443. How can I configure squid to proxy
for
> the same cache-peer on both 80 and 443? As far as I can see you can
only
> specify one protocol per cache-peer line. I think I am missing
> something.
>
> - Nick
Received on Wed Mar 05 2008 - 09:34:44 MST

This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:04 MDT