Squid cannot load https sites

Hi guys

On FC9 we are running squid-3.0.STABLE2-2.fc9.i386

HTTP traffic works fine, no problems there.

When I try to access a secure site, IE, Chrome and Firefox say the page cannot be loaded.

I do not see any log entries in the squid access log or the server's messages file.

HTTP requests get logged though.

Any idea where I can start looking? The server also runs IPTABLES.

Please let me know

Thanks!!

You might look into issues about encryption and proxy caches.

Normally since an SSL session involves an exchange of encryption keys between client and server, a proxy cache will not attempt to cache encrypted pages, because these pages cannot be viewed outside of the session.

For example, if you had an encrypted SSL session with your on-line bank, you would not want that information cached anyway, and you certainly would not want it cached unencrypted.

So we cannot run HTTPS via squid without compromising security & encryption?

Are you using SQUID as a transparent proxy, redirecting normal un-proxied requests into your local SQUID? A transparent proxy can't carry SSL, much to my irritation as well. SQUID can proxy SSL, but only makes a direct uncached connection, and never decrypts.

A transparent proxy tries its best to act like the website you're connecting to, hence it can't do anything that requires the client to know it's connecting to a proxy, like an HTTP CONNECT, the only safe way to proxy HTTP SSL.
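An added illustration, not part of any post in this thread: the Python sketch below classifies the first bytes a proxy port receives, showing why a browser that knows about the proxy sends a parseable `CONNECT host:443` line while port-443 traffic redirected into the proxy starts with a binary TLS record. The function name, hostnames and sample byte strings are constructed for the example.

```python
# Added example: what an HTTP proxy port sees first from a client.
HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS"}

def classify_first_bytes(data: bytes) -> dict:
    """Classify the opening bytes of a client connection (hypothetical helper)."""
    # TLS record header: type 0x16 (handshake), major version 0x03,
    # 2-byte version/length fields, then handshake type 0x01 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return {"kind": "tls_client_hello", "target": None}
    request_line = data.split(b"\r\n", 1)[0]
    parts = request_line.split(b" ")
    if len(parts) == 3 and parts[2].startswith(b"HTTP/"):
        method, target, _version = parts
        if method == b"CONNECT":
            # CONNECT carries only host:port; the proxy then relays bytes blindly.
            host, _, port = target.rpartition(b":")
            if host and port.isdigit():
                return {"kind": "connect_tunnel",
                        "target": (host.decode(), int(port))}
            return {"kind": "malformed", "target": None}
        if method in HTTP_METHODS:
            return {"kind": "http_request", "target": target.decode()}
    return {"kind": "unknown", "target": None}

# Constructed samples (not captured traffic).
# Browser configured to use the proxy, opening an HTTPS site:
EXPLICIT_HTTPS = b"CONNECT bank.example:443 HTTP/1.1\r\nHost: bank.example:443\r\n\r\n"
# Browser configured to use the proxy, plain HTTP:
EXPLICIT_HTTP = b"GET http://www.example/ HTTP/1.1\r\nHost: www.example\r\n\r\n"
# Browser unaware of the proxy, port 443 redirected to it: raw TLS ClientHello.
INTERCEPTED_TLS = bytes([0x16, 0x03, 0x01, 0x00, 0x2F,
                         0x01, 0x00, 0x00, 0x2B, 0x03, 0x03]) + bytes(32)

if __name__ == "__main__":
    for name, sample in [("explicit https", EXPLICIT_HTTPS),
                         ("explicit http", EXPLICIT_HTTP),
                         ("intercepted 443", INTERCEPTED_TLS)]:
        print(name, "->", classify_first_bytes(sample))
```

In the `connect_tunnel` case the proxy learns only the destination host and port and never sees plaintext; in the `tls_client_hello` case there is no HTTP request line for it to parse at all.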