On Thu, 30 Oct 2003, Dany Pepin wrote:
> there is anyway to run squid with all connection between client and
> proxy encrypted via ssl certificate ?
Yes, by finding a browser which supports SSL encrypted proxy connections.
Squid already has the needed support for this via the https_port
directive, but until there is browsers who can use SSL for proxy
connections it is a little hard to use.
What you can do to upgrade your browser is use stunnel or similar
solutions to wrap the browser connection in SSL. stunnel is a very simple
proxy like software which can be set up to accept local connections on a
certain port and then connects using SSL to a specified server (i.e. your
Squid proxy) as if the original application (i.e. your browser) had been
using SSL all along.
0. Build your Squid with ssl support if not enabled already (--enable-ssl)
1. Configure stunnel to listen on a local port on the loopback interface
(127.0.0.1), forwarding connections to the https_port of your Squid proxy.
2. Configure your browser to use the stunnel port as proxy port.
Regards
Henrik
Received on Fri Oct 31 2003 - 03:12:36 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:46 MST