On 28/12/2011 12:44 p.m., someone wrote:
Allright, many of you know me here from some of my previous posts, and
Im sure if I went a googling Id find answers to my questions but hey,
why, when im subscribed to the squid-cache users mailing list~ hehe.
Well anyway, ive never used squid for ssl/https:443 before and noticed
one of my clients playing a lot of that farmville crap on facebook,
sometimes uses ssl, and farmville uses a considerable ammount of
bandwidth. I wanna intercept all of that wasted redownloads so, since
farmville seems to be using https more, my clients arent getting the
benefit of my squid cache :(, welp now its time to enable ssl "bump" or
w/e they call it in squid.
ok, as I understand squid must be compiled to cache ssl http content?
Because im using a vanilla version that ships with debian squeeze. see
below.
On Debian yes, it must be re-compiled with --enable-ssl. The Debian
policy has problems with the way Squid (GPLv2+) and OpenSSL
(proprietary) licenses combine.
One day someone will get around to adding GNUTLS support and the SSL
problem will go away. So far nobody has supplied patches for it. There
are both a debian and Squid project bugs about GNUTLS if you want to
subscribe for notice when that happens.
Amos
