Re: [squid-users] Squid use SSL ALWAYS?

From: Chris Robertson <crobertson@dont-contact.us>
Date: Wed, 28 Jun 2006 12:04:49 -0800

Aaron Gray wrote:

> I have squid working perfectly as a caching proxy server.
> If I access my squid proxy server from a network that has some kind of
> "sniffing" software, they can see the headers are HTTP headers (even
> though
> it is on a weird port) and still identify where your going and read
> all the
> plain text HTML.
>
> Is there any way to make it so that when I connect to the squid proxy and
> authenticate (which I require based on my ACL) that it creates a SSL
> connection (or something similar) to where all traffic is encrypted
> even if
> the destination page is not a https website? I want to hide the plain
> text.
>
You can certainly encrypt the traffic between the client and Squid (look
into stunnel, http://www.stunnel.org/), but encrypting between Squid and
a non-SSL (HTTPS) server is not possible. If you just want to encrypt
the authentication, look into using digest.

Chris
Received on Wed Jun 28 2006 - 14:05:17 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:02 MDT