Dear Amos and Yuri, thanks a lot for your answers. Sorry for the mess, I'm novice here. As it turned out my proxy is not transparent...
By "some reasons" I meant clients' experience reasons, let me explain. I use explicit proxy and my clients connect to proxy using iPhone only. I installed self-signed certificate on every iPhone and made login/pass authentication. It works perfect for wi-fi connection, because in this case iPhone gives a possibility to specify proxy domain, port, login and password. However to make them connect to proxy using mobile internet I had to install APN profile on each iPhone. Inside APN profile I can specify domain and port, but not login and pass (APN doesn't have such settings). So when client opens browser using mobile internet he is asked for login/pass every time. This situation is not appropriate for me so I can't use login/pass. I'm thinking that maybe it's possible to replace login/pass authentication with certificate authentication. I want to authenticate users using a digital certificate they already have on their iPhone. I found some articles about certificate authentication for reverse proxy, but can't find anything about explicit one. Is it possible? Best Regards, Sergey
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users