[squid-users] How to enable caching for https websites on Squid
Amos Jeffries
squid3 at treenet.co.nz
Wed Dec 20 13:20:36 UTC 2017
On 21/12/17 01:23, Matus UHLAR - fantomas wrote:
>> On 19/12/17 23:33, Sekar Duraisamy wrote:
>>> Please let me know how to enable caching for https websites and can we
>>> configure squid proxy to maintain anonymous as we can configure for
>>> http?
>
> On 21.12.17 01:10, Amos Jeffries wrote:
>> To cache encryption protected content you must first remove the
>> encryption. That destroys the "anonymous" part completely.
>>
>> Also, when a service uses TLS properly it is not possible to decrypt
>> in a proxy.
>>
>> If you accept the above limitations, look into the SSL-Bump feature of
>> Squid for details on how to configure decrypting of HTTPS content.
>>
>>
>> Once Squid is handling decrypted content the caching should "just
>> happen", same as with HTTP traffic going through the proxy.
>
> and I think you should read the last paragraph as:
>
> "caching often will not happen, since most of web developers don't
> know hot
> so use and benefit of it thus they try to disable caching globally"
That is nothing special for HTTPS, it happens worse in regular HTTP.
Amos
More information about the squid-users
mailing list