[squid-users] explicit forward proxy to server requring client authentication

Robert W Weaver woody.weaver at us.ibm.com
Tue May 17 21:11:37 UTC 2016


Greetings, squid users and devs,

I think this is usual, but I can't find examples, and I can't make it 
work. :-)

The issue is I need to connect to a site that requires client 
authentication.  Don't want to put the key and cert on each individual 
user, so instead want the key and cert on the proxy.

Diagram:

User A ---> Squid S ---> Server B
        ^            ^
        |            +-- TLS client authentication
        +-- cleartext okay

I'm able to bump, but the client authentication to server B isn't working. 
 Configured cert and key on S with ssl-bump cert= .. key= .. but that 
isn't working.

Is this not possible?

--woody


-- 
"I used to wish the universe were fair. Then one day it hit me: What if
the universe were fair? Then all the awful things that happen to us in
life, would happen because we deserved them. So now I take great pleasure
in the general hostility and unfairness of things."
-- Marcus, on Babylon 5

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160517/386ef3ef/attachment.html>


More information about the squid-users mailing list