[squid-users] Accelerator http to https

creditu at eml.cc creditu at eml.cc
Thu Nov 24 01:19:38 UTC 2016

I'm in the process of converting all our sites from purely http to https
using squid accelerators .  During the initial roll out both http and
https will be accepted.  After that we want to only accept https, so a
redirect from http to https will be needed.  What I have below seems to
work, but I would like to keep the original request (URL and PATH) in
tack instead of redirecting them to the main page.  I know in 3.2 and
higher you can use FORMAT TAGS (%H%R), but I'm stuck using 3.1 for the
near future. 

 Any possible work around that I might be able to use.  The only thing I
 can think of is to send it to an ERROR page with some code to do the
 task.  Does squid support any coding options in custom error pages.

#Config File
https_port accel defaultsite=www.example.com
cert=/path/to/squid.crt key=/path/to/squid.key
https_port accel defaultsite=dev.example.com
cert=/path/to/squid.crt key=/path/to/squid.key
http_port 80 accel vhost
#http_port accel defaultsite=www.example.com
#http_port accel defaultsite=dev.example.com

# cache_peer and cache_peer_access statements to port 80 on the origin
servers to make it work. . . . .
# HTTP peer(s) for www.example.com
acl www_site dstdomain www.example.com
cache_peer parent 80 0 no-query connect-fail-limit=10
weight=1 originserver round-robin
cache_peer_access allow www_site
cache_peer_access deny all
......... more cache_peer and cach_peer_access statements .........

# Redirect http to https
acl HTTP proto HTTP
acl www_site dstdomain www.example.com
acl dev_site dstdomain dev.example.com

http_access deny HTTP www_site
deny_info https://www.example.com HTTP www_site

http_access deny HTTP dev_site
deny_info https://dev.example.com HTTP dev_site

http_access deny HTTP

More information about the squid-users mailing list