[squid-users] Is there a way to allow connection according to user certificate?

Ser de Bronce serdebronce at gmail.com
Thu May 5 16:07:35 UTC 2016


Yuri,

> But this is the default behaviour for proxy with auth

I didn't know that.
Initially I tested on iPhone using wi-fi connection and as I said earlier
there are wi-fi proxy settings on iPhone so user should type them only once
and then each browser and app works without asking login/pass.

> I still do not understand the purpose for which authentication is
required?

This proxy will be available from anywhere, but I need to prevent usage of
this proxy by anyone, except my clients. This is the main purpose.
I had a plan to give login and password to each client, but as I said
earlier this is not possible because of user experience reasons.
Also I can't rely on MAC, IP or other indirect attributes.

So I try to find other ways to check if user who is connecting to proxy is
my client or not.
Right now I see only two ways here:
1) authentication by proxy server using certificates
2) authentication by some other server which accept certificates and then
redirecting connections to proxy.

As I said I'm novice and didn't use proxy earlier. Maybe you know better
solution.

Best regards,
Sergey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160505/e2063cec/attachment.html>


More information about the squid-users mailing list