[squid-users] Squid as http to https forward proxy

Matus UHLAR - fantomas uhlar at fantomas.sk
Thu Jul 4 14:58:48 UTC 2024


>On 2024-07-04 09:20, Wagner, Juergen03 wrote:
>>we are evaluating Squid to be used as a http to https forward proxy.
>>
>>So Squid would need to support the following setup:
>>
>>     http (client)    ---->   Squid  --->  https ( server )
>>
>>Could someone please confirm if the given setup is in principle 
>>possible with Squid?
>>
>>If yes, which configuration needs to be done?

On 04.07.24 10:36, Alex Rousskov wrote:
>    Yes, Squid should be able to forward plain text HTTP requests to a 
>secure server. Use cache_peer directive with "tls" and "originserver" 
>flags. Here is an untested sketch:
>
>    # routing all traffic to one HTTPS origin server
>    cache_peer 127.0.0.1 parent 443 0 tls originserver \
>        name=MySecureOrigin \
>        no-query no-digest
>    cache_peer_access MySecureOrigin allow all
>    always_direct deny all
>    never_direct allow all
>    nonhierarchical_direct off

Afaik this means that it is not possible with any remote server, because all 
servers you want to access this way must be explicitly set up in squid.conf, 
correct?


-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Silvester Stallone: Father of the RISC concept.


More information about the squid-users mailing list