Tory M Blue wrote:
> I was wondering if there was a way for Squid to pass on some basic
> information to the server citing that the original request was Secure,
> so that the backend server will respond correctly.
>
> Right now Squid takes and handles the SSL, passes back to the server
> via standard http and the application check, causes "basically a
> loop", because it wants to see the client using SSL and not standard
> HTTP..
>
> This is only an issue with same hostname/headers that have access on
> both 80/443 as the application needs to know that someone came in
> secured and that the Squid box will respond in kind.
>
> Am I missing something basic? i'm not seeing it in the information
> currently that Squid passes. Otherwise the application could key off
> the originating dest port or similar
>
> Thanks
> Tory
You could make a second peer connection using HTTPS between squid and
the back-end server and ACL the traffic so that only requests coming in
via SSL are sent over that link. Leaving non-HTTPS incoming going over
the old HTTP link fro whatever the server want to do.
Amos
-- Please use Squid 2.6.STABLE19 or 3.0.STABLE4Received on Thu May 01 2008 - 09:01:34 MDT
This archive was generated by hypermail 2.2.0 : Tue May 13 2008 - 12:00:02 MDT