Re: [squid-users] SSL on Squid Reverse Proxy

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 9 Apr 2009 16:39:12 +1200 (NZST)

> Using latest stable squid2.7.6
> Using Squid as a reverse proxy.
>
> Got a setup of Squid --> web server --> java
> site works fine in normal HTTP port 80.
>
> Need to enable SSL for the site also.
> so I added
> https_port x.x.x.x:443 cert=/site_name.com.cert key=/site_name.com.key
> vhost
>
> and
> cache_peer 10.x.x.x parent 443 0 no-query no-digest default
> where cache peer is the INT VIP of the webcluster.
>
> Squid SSL seems to work accord to the logs and browser check.
> 2009/04/08 23:19:07| Accepting accelerated HTTP connections at
> x.x.x.x, port 80, FD 20.
> 2009/04/08 23:19:07| Accepting HTTPS connections at x.x.x.x, port 443,
> FD 21.
>
> Problem is I get
> Error 400 Bad Request when trying to access the site via HTTPS
> through squid.
>
> pointing your host file to 10.x.x.x and checking with the browser over
> HTTPS works.
>
> I think my conf is missing some proper options.
> when adding cache_peer options like ssl , there is no change.
>

cache_peer ... sslflags=DONT_VERIFY_PEER

Amos
Received on Thu Apr 09 2009 - 03:39:13 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 09 2009 - 12:00:02 MDT