Hi,
On Wed, 09 Mar 2011, kevin wrote:
> I am using squid as a proxy for a small network, it works fine but when
> someone logs into an https webpage the proxy doesn't work.
This is usually dealt with under the connect method. Unless something has
changed, when a browser knows it's doing SSL through a proxy, it issues a
message to the proxy like:
connect www.linux.ie:443 HTTP/1.0
which causes the proxy to act as a sort of NAT device, forwarding the TCP
session on to the server. The default squid config usually has lines like
this:
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 8002
acl SSL_ports port 873 # rsync
acl SSL_ports port 2096
acl CONNECT method CONNECT
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
which in effect allows the connect method, but only on specified ports.
Your normal:
http_access allow .....
should be sufficient otherwise to allow this. All bets are off if you're
using transparent proxying however.
What error message are you getting in the browser?
Gavin
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
