[squid-users] Add header to SSL requests to my own domain using my domains certs

Amos Jeffries squid3 at treenet.co.nz
Mon Feb 16 00:45:08 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 16/02/2015 11:46 a.m., Yuri Voinov wrote:
> 
> 
> 16.02.15 4:40, James Beecham пишет:
>> Hi Yuri,
> 
>> Thank you.
> 
>> Are these HTTPS CONNECT requests coming over port 80? If not
>> would I need
> 
> It depends. In different configurations uses different ports. In 
> transparent interception mode your absolutely need separate ports
> for HTTP/HTTPS. In forwarding mode you cah use one port, but with
> SSL parameters.
> 

And James, since you are domain admin the question becomes why are you
not running a reverse-proxy "https_port 443" with your domain cert to
receive the HTTPS traffic and forward it to the origin servers?

Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJU4T2TAAoJELJo5wb/XPRjAmAIAK5HfCAwSMUCXIeFNIPzppBG
24i0loL2Bhg9z/J9ec0iENOEO4XV0LPkNQT2UmyRxO4HZis5Su3Hc8R50tG6mrPf
EdU1H+nTUTygGQkm3nK7OmfdbSy/kV6aXmLM4pToYwwV3j15GDlW0wA0DN9JZhIG
WIBfwb+fCcjD5FJq9HWdGajeWgT9yuT54ufqrRJyjnq2LQMW8q7kbxrr6ue9eZxZ
9Fsz1GnoneHO5nQ1BHbp/rTo+GCEfZLO+r87/6tCcYkYmtKsvP6kI7fCCSE1X0N6
bjUj1iya5Ec92PsPc2ubmemTBIL/P572nO15fKesxlSYWCsdkpsbA0bygiksbZI=
=ZEKG
-----END PGP SIGNATURE-----


More information about the squid-users mailing list