Re: HTTP shimmed to HTTPS
Hi.
On Sat, Jul 20, 2019 at 08:28:30AM -0700, peter@easthope.ca wrote:
> * From: Reco �recoverym4n@enotuniq.net�
> * Date: Thu, 18 Jul 2019 10:13:58 +0300
> > For the whole Internet - *maybe* (and that's a big one) squid can do
> > the job.
>
> The story here is a different case but gives me some ideas to understand.
> https://serverfault.com/questions/907490/forward-proxy-convert-http-to-https
>
> There "http" is rewritten to "https". In my case, URL rewriting is
> not necessary; this browser specifies the correct URL. The only
> deficiency is to apply TLS.
>
> The example also specifies a client certificate. Except to access a site
> requiring a client certificate, that configuration shouldn't be necessary.
>
> So to my naive understanding, all that is required of squid is to apply TLS
> to the communication.
I always considered squid somewhat heavyweight. I mean, the thing can do
lots of stuff. But most of the time it looks the same as using a heavy
truck to move a shopping bag - i.e. definitely possible, but something
that probably can be avoided.
> > Most probably you'll need a very creative usage of ProxHTTPSProxy
> > (not in Debian) or its equivalent.
>
> What can squid fail to do?
In this case - nothing. But we're comparing here a multipurpose forward
proxy (squid) with a tool that's specifically designed to do two jobs -
convert HTTPS to HTTP (unneeded here) and convert HTTP back to HTTPS.
Reco
Reply to: