OK thanks for that, i'll go through it and let you know how I go.
In the meantime I found pound.
http://www.apsis.ch/pound/
This was fairly easy to configure. I'll paste the "easy as 123" code below for anyone interested because I found other sites went into way too much specific detail without covering what works and where to go from there. I also dont run in a chroot jail (who cares, I can replace the server easily with xen, and all it does is this task)
The problem I found with it was I couldnt re-direct anything other than http or https.
Also the ssl connection is just between the internet user and the proxy server, not from the internet user and the webserver.
Anyway:
I created another virtual server just to test pound (In 5 min! I love xen and small disk images, no more countless long installs for test bed machines :-))
Then logged into it
# xm console <the_domain_name> (Had to press enter to make it show the prompt fom the new virtual server tho?)
Then installed gcc and openssl-devel so I could compile:
#yum install gcc openssl-devel
Download pound from the site I pasted above:
#wget
http://www.apsis.ch/pound/Pound-2.4.5.tgz
And extract the tgz file:
#tar -xvzf Pound-2.4.5.tgz
Go into the new dir and compile the code, make the binaries and install the binaries and man pages etc to their correct locations:
I was thinking about creating an rpm with rpmbuild but I'm not going to cover that here!
#cd Pound-2.4.5
#./compile
#make && make install
I created the pound user to be able to run the program as non-privileged user.
#useradd -M pound
#passwd pound ......etc. etc
then created thc config file:
touch /usr/local/etc/pound.cfg
Then I used *my fave - nano)an editor to create the contents:
#nano /usr/local/etc/pound.cfg
The conents follow:
User "pound"
Group "pound"
ListenHTTP
Address 10.1.1.254 #<The internal address of the proxy server (Which one it listens on)>
Port 80
End
ListenHTTPS
Address 10.1.1.251
Port 443
Cert "/usr/local/etc/pound/certs/thaCert.pem"
End
Service
HeadRequire "Host:.*www.domainOne.com.*"
BackEnd
Address 10.1.1.253 #<internal address of web-1>
Port 80
End
End
Service
HeadRequire "Host:.*www.domainTwo.com.*"
BackEnd
Address 10.1.1.252 #<internal address of web-2>
Port 80
End
End
To check the config type:
#pound -c
To start pound type:
pound
Easy!
I would like to get squid working as well and will post any success!