On mån, 2008-05-12 at 10:14 +0200, Wojciech Durczyński wrote: > Thanks for your answer. > I tried this, but it doesn't solve my problem. > Web server should be hidden from outer network. But when using > defaultsite - client tries to connect with this server directly! > Redirect requests from server aren't changed by squid when passed to > client. And they should be.
defaultsite should be the site name the clients connect to. > Using dummy ssl port on the web server works well, but squid should > allow redirecting https->http without problems. It does, but it requires that the web server is capable of recognising that there is an ssl frontend translating https->http. Squid indicates this using the front-end-https option (see cache_peer), but it's up to the server to adjust it's operations accordingly and properly send out https:// URLs to itself instead of http:// URLs in it's responses. And "itself" in this context is defined by the host name sent in the Host header, which is the host name you see in the URL logged in access.log. Regards Henrik
