[squid-users] How to do transparent rewrite with https requests?

Yves MARTIN yves.martin at elca.ch
Tue May 27 14:37:06 UTC 2025


Hello,

 

My team expects to transparently rewrite requests through squid, replacing
original URL/hostname by another target URL/host.

 

Main objective is to redirect original HTTPS requests triggered by "docker
pull alpine" to a local mirrored registry without obvious information in
user client that the obtained image comes from mirror: original image
location is preserved, no specific proxy or mirror configuration in docker
client/daemon to set.

 

To do so, we have used squid-urlrewrite and it works well for HTTP request,
even if rewrite targets HTTPS URL.

But when original request is HTTPS, connection still goes to original
URL/hostname IP address
https://github.com/rchunping/squid-urlrewrite/issues/3

According to debug logs, the original request hostname is resolved to IP
early and kept in internal context after squid-urlrewrite is invoked.

 

Do you have recommendations how to implement such a rewrite? Any idea how to
improve/fix current squid behavior?

 

Thank you in advance for your help

Best regards,

Yves

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20250527/3a31ba89/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6737 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20250527/3a31ba89/attachment-0001.bin>


More information about the squid-users mailing list