> I want this: > > ssl-certificate <--fw--> apache (whatever) reverse proxy <------>client > holding IIS > > > Is this possible?????? For me to reverse proxy a ssl server??? I dont > care if the proxy is accessed as http or https, i just want it to work > this way... > > Alex
Heh, funny this should come up. I'm in the process of figuring it out myself. My setup is a bit different though: Multiple Apache Boxes <--> reverse proxy w/ redirector <--> fw <-> client. Right now the fw port forwards 80 to the r.proxy, the redirector rewrites the body of the request for the correct internal machine. Obviously an ssl encrypted body can't be rewritten (or parsed for that matter) so I have to decrypt it at the proxy. Squid 2.5 allows you to set https_port with a certificate. This will encrypt the session between the client and the proxy. I'm less worried about the internal network. The problem of course lies in the redirector and the signed cert for the web sites. Do I just get one signed for the proxy machine, or do I need multiple certs for all the websites (and if so, can more then one cert be assigned to the same port and will squid know which to use?) Best case scenario is a single certificate authenticated to the proxy box, for external connections. Chances are I'll end up hoping that Squid 2.5 allows for multiple SSL certs on the same port so then I can ssl all the websites off the proxy. Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]