[squid-users] explicit forward proxy to server requring client authentication

Yuri Voinov yvoinov at gmail.com
Tue May 17 22:05:49 UTC 2016 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
..... and a bit below in squid.conf.documented we can see.....

# SSL OPTIONS
#
-----------------------------------------------------------------------------

#  TAG: sslproxy_client_certificate
#    Client SSL Certificate to use when proxying https:// URLs
#Default:
# none

#  TAG: sslproxy_client_key
#    Client SSL Key to use when proxying https:// URLs
#Default:
# none

Ta-daaaaaaaa!


18.05.16 3:11, Robert W Weaver пишет:
> Greetings, squid users and devs,
>
> I think this is usual, but I can't find examples, and I can't make it
work. :-)
>
> The issue is I need to connect to a site that requires client
authentication.  Don't want to put the key and cert on each individual
user, so instead want the key and cert on the proxy.
>
> Diagram:
>
> User A ---> Squid S ---> Server B
>         ^            ^
>         |            +-- TLS client authentication
>         +-- cleartext okay
>
> I'm able to bump, but the client authentication to server B isn't
working.  Configured cert and key on S with ssl-bump cert= .. key= ..
but that isn't working.
>
> Is this not possible?
>
> --woody
>
>
> /-- 
> "I used to wish the universe were fair. Then one day it hit me: What if
> the universe were fair? Then all the awful things that happen to us in
> life, would happen because we deserved them. So now I take great pleasure
> in the general hostility and unfairness of things."
> -- Marcus, on Babylon 5/
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJXO5W9AAoJENNXIZxhPexG94UH/AvnmThl9LLLY8WN61iYpMNl
YxemSMMLgw6OkDSuZvZ9m/IW2ErjqYwCgAaRRj8HFeswFYTpEgMz/gRB84JjvZ7k
xY+e2HRPXlFbwiWf/QxU9F5RjRpn3aAE+6Eh2mlae7WKPwcFUFbOmDy2fZOd+/B5
SIFYGnNtySFu7yQt4awIBlSPc0piEAZFn7+Wwis7NenRcsugkOO2hfCG95Yj3Htm
7OCvlBZvh/sDY4yguFgFNlDYt/0ux6LmTrkGHrNRgWWgtqesRdLSg2cAG+Xoh/ns
IILv3YSiTB9l8b80o3Jlp0dIPU0Y6d6B2ZBvVW9HOzXCI8uswYqIKGTT6qiBZSI=
=uzzn
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160518/b5a7d64a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x613DEC46.asc
Type: application/pgp-keys
Size: 2437 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160518/b5a7d64a/attachment.key>

More information about the squid-users mailing list