On Thu, 29 Oct 1998, Q wrote:
> On Wed, 28 Oct 1998, Sergey Gribov wrote:
>
> >
> > Hi,
> >
> > How can I use Squid to accelerate the https Web server?
> > It don't bind himself to the port 443...
>
> You can't. SSL is designed to prevent "man in the middle" intervention.
> SSL requires that a session key exchange occure before the request can be
> made. Using SSL also adds an overhead to transmission time due to the need
> for de/encrypting the communication. Even if it were possible, you would
> probably notice very little improvement in performance.
>
> The best way to improve performance is to only put the form/data that
> needs to be encrypted on the secured site (and any accompanying cgi
> actions). The rest of the site can go on regular accelerated server.
one possible solution(this is a bit of blue sky thinking here) would be
to have a front end that would handle the SSL link and then have squid
handle the un-encripted requests. Another possibility would be to graft
the apache SSL code into squid. Neither of these 2 choices are easy to
implement and would require some coding effort.
Alvin Starr || voice: (416)585-9971
Interlink Connectivity || fax: (416)585-9974
alvin@iplink.net ||
Received on Thu Oct 29 1998 - 06:17:05 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:42:51 MST