Jan-Frode Myklebust wrote:
> Does squid support being configured as an encrypted (SSL) proxy,
> where the connection between client and proxy go over SSL to avoid
> f.ex. sniffing of the proxy password and other non-https traffic ?
Squid supports it. The https_port directive can be configured just like
http_port but with SSL certificates etc.
The blocker problem is that client browsers do not support it.
>
> Also, could the proxy authentication then be utilizing client
> certificates instead of username/password ?
Authentication? no.
Authorization? maybe. There are some ACL types that can authorize or
deny based on client certificate fields.
Of course you can still do full normal proxy authentication inside the
SSL encrypted requests.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.3Received on Thu May 27 2010 - 10:58:21 MDT
This archive was generated by hypermail 2.2.0 : Thu May 27 2010 - 12:00:06 MDT