Hi,

I can't get the reverse proxy to work properly. Basically I want squid
to serve as a reverse proxy to two of my domains - x.example.com and
y.example.com. I also want squid to perform basic authentication
against my own radius server which should be common for both the
sites. I mean I want users to authenticate once and it should work for
both x.example.com and y.example.com. Here's my config:


auth_param basic program /path/to/basic_radius_auth -f /path/to/squid_rad_auth.conf
auth_param basic children 5
auth_param basic realm PRIVATE
auth_param basic credentialsttl 4 hours
auth_param basic casesensitive on


https_port 443 cert=/path/to/x_domain_com.pem key=/path/to/x_domain_com.pem accel

cache_peer 1.1.1.X parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=x_domain_com
cache_peer 1.1.1.Y parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=y_domain_com

acl sites_server_x_domain_com dstdomain x.domain.com
acl sites_server_y_domain_com dstdomain y.domain.com
acl radius-auth proxy_auth REQUIRED


cache_peer_access x_domain_com allow sites_server_x_domain_com
cache_peer_access y_domain_com allow sites_server_y_domain_com
cache_peer_access x_domain_com deny all
cache_peer_access y_domain_com deny all


http_access allow radius-auth
http_access allow sites_server_x_domain_com
http_access allow sites_server_y_domain_com


...<snip> ...



With this config:

1. I launch https://x.domain.com on a browser. It prompts for
user/pass. I enter it and then it prompts again. I enter it and then
it lets me in. Not sure why this is happening. Is it because the
target site has IPTables NAT from 443 to 6443? If so how can I get
around that?

2. I launch https://x.domain.com and authenticate. It lets me in. Now
I change the URL on the same browser to https://y.domain.com. It asks
for authentication again. Why? How can I get around this?

PS: I know it is not possible to virtual host SSL and I need a wildcard
cert. But I don't care if I get a certificate warning with
y.domain.com.

Please could someone have a look and tell me what I'm doing wrong?

Thanks.
