LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Fedora (https://www.linuxquestions.org/questions/fedora-35/)
-   -   Squid configuration question. Client => HTTPS => proxy => HTTP => webserver (https://www.linuxquestions.org/questions/fedora-35/squid-configuration-question-client-%3D-https-%3D-proxy-%3D-http-%3D-webserver-667871/)

newhere 09-05-2008 07:29 PM
Squid configuration question. Client => HTTPS => proxy => HTTP => webserver
 
Hi folks,

I'm wondering if it's possible to configure Squid (and a browser) so that the client makes the connection to the proxy over HTTPS even though the final web server connection is only HTTP.

I would like to run a proxy server on my linux box at home and then use that as a proxy from work or other places. But my ISP seems to block incoming HTTP connections. HTTPS connections are not blocked.

So to get around this, can I configure squid (or even a browser for that matter) to connect with something like:
Browser client => HTTPS => squid proxy => HTTP => normal-non-ssl-site.


This is my distro, though I don't think this is relevant. Please move as appropriate thanks.

# cat /etc/redhat-release
Fedora Core release 6 (Zod)
# uname -a
Linux compaqlaptop 2.6.22.14-72.fc6 #1 SMP Wed Nov 21 15:12:59 EST 2007 i686 i686 i386 GNU/Linux

squid-2.6.STABLE13-1.fc6


Thanks for any help.

GlennsPref 09-05-2008 09:14 PM
Hi, I have found this site usefull...

http://www.linuxhomenetworking.com/


Sorry I can't comment further as my linux system is down due to a new motherboard. w.i.p.

newhere 09-05-2008 11:34 PM
Thanks. That forum doesn't look like it gets as much traffic but I'll try posting there as well.

GlennsPref 09-05-2008 11:43 PM
Hi, I was pointing you to the tutorials, you might have to read something. :3
Squid:iptables:secure Remote Logins and file copy:

newhere 09-07-2008 12:13 AM
Yes I'm capable of reading. Thanks for the tip. Nowhere is such a configuration documented and I don't think this is supported. My attempted workaround was to run a local squid proxy (on localhost i.e. my client, and point browser at localhost for a proxy.) and force it to use a peer over ssl (my original proxy, which does not accept unencrypted traffic since my ISP blocks this.) But that didn't work either. Does ssl=>peer squid config support this? I still can't tell but I couldn't get it working.

Silly me I later realized, I can of course just tunnel over ssh (using the -L localport:remotehost:remoteport option) so the solution for me in this case is to just ssh into the original proxy box with the tunneling enabled and tunnel a local port directly to the proxy.

Thanks for the help.

bab 02-21-2009 01:33 PM
proxy http inside https with squid
 
I am also trying to figure out how to proxy http inside https in order to keep http secure while also not bothering with the complications of ssh


All times are GMT -5. The time now is 08:49 PM.