[squid-users] https_port Listen on different IP
Alex Rousskov
rousskov at measurement-factory.com
Fri Oct 19 17:04:56 UTC 2018
On 10/19/2018 01:10 AM, houheming wrote:
> Configure squid to be a https tproxy proxy
Terminology clarification: You are configuring an transparent proxy for
intercepting TLS/HTTPS traffic, not an (explicit) HTTPS proxy.
> configure squid to send the client browser certificates which signed by X
This phrase can be (mis)interpreted many ways:
1. Configure Squid to automatically generate origin server certificates
(signed by a configured CA X) and send them to browsers/clients that go
to those origin servers.
2. Configure Squid to use a configured client certificate (signed by
some CA X) and send it to origin servers that request client certificates.
Does any of the above match what you want to do?
> https_port 443 ...
> https_port 180.97.33.107:443 ...
> https_port 180.97.33.108:443 ...
I am not sure, but perhaps the first https_port line (the one without an
explicit IP address) should come _last_ so that Squid can listen on the
addresses that remain after 180.97.33.107 and 180.97.33.108 are taken by
the other two ports?
Also, if your Squid, when started without "-k parse", reports any
warnings or errors, please share them.
Alex.
More information about the squid-users
mailing list