On Thu, 30 Oct 2003, Dany Pepin wrote: > there is anyway to run squid with all connection between client and > proxy encrypted via ssl certificate ?
Yes, by finding a browser which supports SSL encrypted proxy connections. Squid already has the needed support for this via the https_port directive, but until there is browsers who can use SSL for proxy connections it is a little hard to use. What you can do to upgrade your browser is use stunnel or similar solutions to wrap the browser connection in SSL. stunnel is a very simple proxy like software which can be set up to accept local connections on a certain port and then connects using SSL to a specified server (i.e. your Squid proxy) as if the original application (i.e. your browser) had been using SSL all along. 0. Build your Squid with ssl support if not enabled already (--enable-ssl) 1. Configure stunnel to listen on a local port on the loopback interface (127.0.0.1), forwarding connections to the https_port of your Squid proxy. 2. Configure your browser to use the stunnel port as proxy port. Regards Henrik