[squid-users] Squid Reverse HTTPS Let's Encrypt

erdosain9 erdosain9 at gmail.com
Thu Aug 23 13:33:23 UTC 2018 

Hi.
I have Squid configured as a proxy reverse.
The DNS are configured too. The clients can access from outside without
problem.
It is working well.

But I want to serve web pages with https and I would like to use Let's
Encrypt (or something similar) so clients do not have to accept an invalid
certificate.

I wanted to know if this is possible. 

Somebody can give me a hand??

this is my config so far:

---------------------------------------------------------------------------------------------------------------------------

http_port 192.168.1.21:80 accel defaultsite=soporte.mydomain.ar vhost

cache_peer 192.168.1.246 parent 80 0 no-query no-digest originserver
name=soporte
acl soporte_acl dstdomain soporte.mydomain.ar
http_access allow soporte_acl
cache_peer_access soporte allow soporte_acl

cache_peer 192.168.1.223 parent 80 0 no-query no-digest originserver 
name=phplists
acl phplists_acl dstdomain phplists.mydomain.ar
http_access allow phplists_acl
cache_peer_access phplists allow phplists_acl

cache_peer 192.168.1.107 parent 80 0 no-query no-digest originserver 
name=owncloud
acl owncloud_acl dstdomain owncloud.mydomain.ar
http_access allow owncloud_acl
cache_peer_access owncloud allow owncloud_acl

cache_peer 192.168.1.167 parent 443 0 no-query no-digest originserver
name=micro
acl micro_acl dstdomain microimporta.com.ar
http_access allow micro_acl
cache_peer_access micro allow micro_acl

--------------------------------------------------------------------------------------------------------

I read that i have to put squid earing in 443 like this with the certificate

https_port 443 cert=/path/to/cert.pem key=/path/to/private.key (here is
where i put the let's encrypt certificate?? this will work?)

The servers have to have configured let's encrypt?
Squid has to have configured let's encrypt?
Both have to have them configured?

(is the term "have to have" in English well used? :-)

Greetings and many thanks to all.



--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html

More information about the squid-users mailing list