[wellylug] Squid and SSL

Paul Daniel paul.daniel at orcon.net.nz
Fri Mar 19 21:58:10 NZDT 2004


Hi all,

I have managed to weasel a Squid server into the WAN at work.  It is
only going to pass requests on to a parent proxy (MS of some description
running Mail/Web Marshall) maintained by Safecom (Telecom) and will be
replacing several NT4 and MS Proxy 2.0 servers.  The problem I have with
my test install is that I cannot get SSL traffic working.  Any standard
http requests are being promptly served but SSL just appears to die. 
>From my non expert search of the logs I have not found any errors and a
look at the documentation seems to show I have the right ACLs and
rules.  I believe the relevant line is 
deny CONNECT!SSL_ports 
Possibly some other request types are not getting through but if I can't
SSL working that may not matter.  Next is Squid guard but that's not a
must have as filtering is happening further up the chain and this proxy
will not have direct public internet exposure.  Anyone who can post a
working list of ACLs and rules for this situation?

Cheers
Paul Daniel




More information about the wellylug mailing list