On Thu, 2008-10-09 at 08:53 -0700, Puze Yang wrote:
> Please bear with me as I am new to the proxy server filed and my question must be a basic one.
> For re-branding purpose, in a intranet environment, a HTTPS requests from Client browser is
> sent to the Proxy Server, and the Proxy Server in turn request a HTTPS page
> from an internal Web Server.
> Once the content retrieved from the Web Server, the Proxy Server needs
> to replace some particular texts, and then send the modified content to
> the Client.
>
> The question is, whether HTTPS traffic can be "changed" by using Squid
> or do you know any other software may do?
Squid can change HTTPS traffic if (a) end user allows it to do so and
(b) there is some software that does content adaptation on the decoded
traffic. For more information, including many caveats, please see
http://wiki.squid-cache.org/Features/SslBump
http://wiki.squid-cache.org/Features/DynamicSslCert
and
http://wiki.squid-cache.org/SquidFaq/ContentAdaptation
If you are using Squid as a reverse proxy (a.k.a., accelerator or
surrogate -- clients are thinking that your Squid is the origin server),
then you do not need the SslBump component.
HTH,
Alex.
Received on Thu Oct 09 2008 - 17:29:58 MDT
This archive was generated by hypermail 2.2.0 : Fri Oct 10 2008 - 12:00:02 MDT