[squid-users] ssl cert wiki

Amos Jeffries squid3 at treenet.co.nz
Mon Jan 12 14:20:05 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 13/01/2015 12:00 a.m., HackXBack wrote:
> in this case the clear question is what https_port line must
> contain ?
> 

The basic config for a reverse proxy is supposed to be just this:

  https_port 443 accel no-vhost \
    defaultdomain=example.com \
    cert=/path/to/example.com_cert.pem


That means: configured as a reverse-proxy accepting encrypted traffic
on port 443 for the domain example.com, with the encryption keys (both
private and public/certificate) in the given .PEM format file.


PS. For proxies that support "no-vhost" it is required. Otherwise just
omit that option.

Amos

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUs9gVAAoJELJo5wb/XPRjIsQIALG1Ehyy1ZNQvLlOl0ZATh58
2vxQjSGtIKvpXY0rKYW5qb9alL5iEDFDi/Ae/T3O5NyXJyURyxVziFD2OdEq1OXI
kNmwnD0dZE1cB55bRRtbatIs5znYzLj7+By9AWbnOgbV5bjvVuojPxHeGHPdtI8v
rvj4hC/4DiyOS5xGz29roOwd+iEsYjxi1nLsygKGZTM5DZOeAR6CSiwZV+kuOr2c
WDptdVUJIsJ4SenuVvUN6vhIt0SaFvtP2PO5Q8toGe6sqLpazo+LurrhCi8uY1Dm
Tvo+PNXSc6gcnuTSVbFVKNFq0gz0A8KK4I1AAB0fbzW5le7YH/fTJYg8xz88iNU=
=XEon
-----END PGP SIGNATURE-----


More information about the squid-users mailing list