Hey Eliezer, Thank you for your explanation, just want to clarify.
Does it mean that if I configure squid to listen https_port on port 3129 with ssl certificate, connection from a client to squid server by port 3129 will be NOT encrypted? Anton 03 февр. 2015 г. 23:23 пользователь "Eliezer Croitoru" <elie...@ngtech.co.il> написал: > On 03/02/2015 17:14, Anton Radkevich wrote: > >> so just to be clear the connection flow will look like: >> >> browser <Encrypted Tunnel> Server <HTTP or HTTPS connection> Destination >> >> where <Encrypted Tunnel> is probably some form of HTTPS connection for >> support with the browser PAC >> > > Hey Anton, > > Squid do not support socks connection or any other form of encryption. > The known options to encrypt the connection between the client and the > server are: > - ssl vpn tunnel > - ssh vpn tunnel > - some other weird and special ways > > Since I am not familiar with all authentication methods I cannot answer. > On the other hand squid offers couple ways to authenticate and I am sure > that the choice between md5 or other sha algorithm is not important if you > are encrypting the connection between the server and the client using a > tunnel. > If you wish to use some higher security levels you can use client side > certificates and pin IP addresses to the certificates. > > All The Bests, > Eliezer > > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users