Search squid archive

http to squid to https

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am kinda new to squid.  Been looking over the documentation and I just wanted a sanity check on what I am trying to do.

I have a web client that hits my squid server.  The squid connects to an apache server via ssl. 

Here are the lines of interest from my squid.conf for version 3.1.8

http_port 80 accel defaultsite=123.123.123.123
cache_peer 123.123.123.123 parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=apache1

The good news is, that works just as I hoped.  I get a connection.

But I am questioning the DONT_VERIFY_PEER.    Don't I want to verify peer?

I simply hacked up a self signed cert on the apache server.  Installed mod_ssl and restarted apache and everything started to work on 443. 

On the command line for the squid server I can curl the apache box with:

curl --cacert  _the_signed_cert_from_the_apache_node_ https://apache.server

Is there a way with sslcert and sslkey to setup a keypair that will verify?  Do I need a signed cert?

I tried to add the cert and key to the cach_peer line in the config.  Squid did restart.  But no connection.  Why would curl work but not squid?

-- 
-Dean


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux