[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Squid with https in transparent mode



On Tue, Jun 25, 2013 at 01:07:26PM +0100, Frank Lanitz wrote:
> Hi folsk,
> 
> Is there a way of using a squid proxy in transparent way, just to put
> the traffic and forward it via another proxy to outside network(no
> caching etc) w/o doing man-in-the-middle? Currently I've got this
> running for http via
> 
> cache_peer xx.xx.xx.xx parent 3128 7 no-query default
> never_direct allow all
> 
> and a transparent setup for SSL. If I'm entering the proxy directly into
> e.g. Firefox it's working -- but don't got it running via transparent mode.

HTTPS (a.k.a. HTTP-over-SSL) is not amenable to transparent proxying -
the encryption is designed to be end-to-end.

However, I believe that you can make squid a front-end for a web site
if you give the SSL keys to squid - but this may be a different use
case than yours....

Perhaps if you describe what you're trying to achieve, the list can
come up with other/better ways of reaching that goal?

-- 
Karl E. Jorgensen


Reply to: