[Trilug-ontopic] A squid question

Jason Watts jsnonzzr at gmail.com
Fri Jan 28 17:25:56 EST 2011

Hello all,

I have a setup question about squid that I was hoping someone here could
help with.  We are trying to set this up as a reverse proxy and have ran
into a small stumbling block.  We have setup the reverse proxy so that it is
listening on both port 80 and 443 as well as using our wild card cert.  I
believe my issue is with the way I am mapping my server to the site name.

here is my mapping.  If you want other pieces of the config file, I can send
those as well.

cache_peer         parent    443    0     no-query originserver
ssl sslflags=DONT_VERIFY_PEER name=rpsite
acl site_rpsite dstdomain rpsite.site.com
cache_peer_access rpsite allow site_rpsite

So, with the above, when I go to https://rpsite.site.com  everything works
as I would expect.

The issue pops up when I try and go to http://rpsite.site.com .  by
appearance it works, but only leaving the browser show it as unencrypted.  I
believe what is happening is I am communicating with my proxy over port 80,
but the proxy is talking to the webserver over port 443. The question I am
trying to figure out is how to allow http://rpsite.site.com to hit my port
80 internally and allow the web server to do its own redirect thing to
send my browser to port 443 (my https://rpsite.site.com).

I have been searching, but have not really found a way to allow https and
http with the same domain to go to two different ports on the same
webserver.  If anyone has any ideas I am more then ears on this.  Also, if I
am unclear in my explaining, please feel free to ask me again what I am
trying to say.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.trilug.org/pipermail/trilug-ontopic/attachments/20110128/c10c96dc/attachment.htm>

More information about the Trilug-ontopic mailing list