I'm confronted with the following issue:
I have about 8 web applications running on our intranet, some http and a few https. They are not accessible from the outside world and I need to change that for most of those applications. Of course I prefer to do this in the most secure way possible, not just configuring a firewall and putting the server on the WWW for every one to see. So I've been 'sniffing' around on LinuxQuestions and other forums and have been trying out Squid3. I've got it running in a test environment on our intranet to see if it forwards correctly and it does for the http sites. Regarding the configuration of https on the proxy I'm in the dark, so I would like to ask if there's a kind soul (or more than one) on this forum that can help me out, since I'm new to Squid.
Want I would like to do, if possible is the following:
I'll include the necessary directions in DNS so that the sites are available as subdomains on our domain name on https (443).
Our co-workers will access those https://subdomain.domain.com
which will get directed to our external IP and subsequently will arrive at our firewall.
The firewall will be configured to forward those connections to the Squid machine which will be in DMZ.
Then Squid should only allow ssl connections and drop all others, also block all other ports, and forward the subdomains to the correct 'origin' server, being https or http. If needed I can add https access to the http only sites.
I also would like to use some kind of authentication, preferable using certificate/password or something.
I hope there's someone here who can help me out with this. BTW, I have Squid installed on a Debian 64-bit OS.
Any help is greatly appreciated.