[squid-users] Accelerator http to https
creditu at eml.cc
creditu at eml.cc
Thu Nov 24 01:19:38 UTC 2016
I'm in the process of converting all our sites from purely http to https
using squid accelerators . During the initial roll out both http and
https will be accepted. After that we want to only accept https, so a
redirect from http to https will be needed. What I have below seems to
work, but I would like to keep the original request (URL and PATH) in
tack instead of redirecting them to the main page. I know in 3.2 and
higher you can use FORMAT TAGS (%H%R), but I'm stuck using 3.1 for the
near future.
Any possible work around that I might be able to use. The only thing I
can think of is to send it to an ERROR page with some code to do the
task. Does squid support any coding options in custom error pages.
#Config File
https_port 192.168.1.102:443 accel defaultsite=www.example.com
cert=/path/to/squid.crt key=/path/to/squid.key
https_port 192.168.1.103:443 accel defaultsite=dev.example.com
cert=/path/to/squid.crt key=/path/to/squid.key
http_port 80 accel vhost
#http_port 192.168.1.102:80 accel defaultsite=www.example.com
#http_port 192.168.1.103:80 accel defaultsite=dev.example.com
# cache_peer and cache_peer_access statements to port 80 on the origin
servers to make it work. . . . .
# HTTP peer(s) for www.example.com
acl www_site dstdomain www.example.com
cache_peer 192.168.2.21 parent 80 0 no-query connect-fail-limit=10
weight=1 originserver round-robin
cache_peer_access 192.168.2.21 allow www_site
cache_peer_access 192.168.2.21 deny all
......... more cache_peer and cach_peer_access statements .........
# Redirect http to https
acl HTTP proto HTTP
acl www_site dstdomain www.example.com
acl dev_site dstdomain dev.example.com
http_access deny HTTP www_site
deny_info https://www.example.com HTTP www_site
http_access deny HTTP dev_site
deny_info https://dev.example.com HTTP dev_site
http_access deny HTTP
More information about the squid-users
mailing list