On Friday 05 September 2003 20.45, Jim Flowers wrote: > I am trying to set up a Squid3 accelerator to accept https:// > requests and to rewrite them to a virtual domain as http:// > requests. In order to do this I use: > > https_port 443 cert=/usr/local/etc/apache/ssl.crt/server.crt > key=/usr/local/etc/apache/ssl.key/server.key accel > defaultsite=my.virtualhost.com protocol=http.
Looks fine. > This appears to rewrite everything to http://my.virtualhost.com on > its own and does not ever get to the redirect_program instead > showing up as an http:// request at my.virtualhost.com on port 443. Why are you using a redirect program? The requests should not get forwarded at all unless you for some reason forces these direct, and if they are they should end up as http://my.virtualhost.com/ (port 80). There was some minor issues in how Squid-3 handled this some weeks ago (sometimes getting the port number incorrect on accelerated requests) but it should work fine now. > Can Apache3 be configured as an accelerator rewriting https:// > requests to http:// name-based virtual domains? How do I get the > request to the redirect_program? This is a Squid list, not an Apache list. If I understand you correctly you want Squid to accept https request and forward them to a http server of your choice? If this is the case then use something like this: https_port 443 cert=... key=... accel defaultside=... (don't use protocol=) cache_peer your.http.server parent 80 0 no-query originserver acl my dstdomain my.virtualhost.com cache_peer_access your.http.server allow my If the domain name requested by the browser is different compared to the domain name expected by the http server then you have three options: a) Set the defaultsite= to the domain name expected by the web server (not recommended.. this should be set to the externally visible domain name) b) Use a redirector to rewrite the URL while forwarded by Squid (this will modify the cache_peer_access requirements accordingly). c) Use the forcedomain= cache_peer option. Regards Henrik -- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [EMAIL PROTECTED]
