Re: [squid-users] Reverse proxy with HTTPS

From: kkk kkk <fafafa888_at_gmail.com>
Date: Fri, 24 Jun 2011 04:11:30 -0400

If you want to proxy the HTTPS connection, the only method is to
generate your own SSL certificate. However, your client will see a
warning page on every HTTPS page.

The following method works under Interception Mode. I believe it
should work for reverse mode as well. Please change the configuration
accordingly.

1. Make sure you have OPENSSL installed
2. Generate your own SSL certificate:
openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout
www.sample.com.pem -out www.sample.com.pem
3. Configure your squid setting:
http_port 3128 intercept
https_port 39999 intercept cert=/etc/squid/www.sample.com.pem (the
path to your own certficate)
4. Forward port 80 to 3128 and port 443 to 39999 (You can choose your own ports)
5. Done. Now you should be able to access HTTPS with a warning message
of mismatching SSL certificate.

inspiration from
http://dvas0004.wordpress.com/2011/03/22/squid-transparent-ssl-interception/
I changed few things because the original method didn't work for me.
This method works 100% because I just tried it today.

Nick
Received on Fri Jun 24 2011 - 08:11:37 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 24 2011 - 12:00:03 MDT