Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Squid SSL Encryption
Operating Systems Linux Squid SSL Encryption Post 302522136 by Corona688 on Friday 13th of May 2011 11:23:25 AM
Old 05-13-2011
Quote:
Originally Posted by majid.merkava
Hi guys,

I want to configure squid server with SSL so that users send clear text username/password and also data in encrypted mode.
Doesn't work that way. You can't arbitrarily substitute https for http, they're not direct equivalents. https doesn't support virtual hostnaming for example -- meaning http://sitename.com/ isn't necessarily the same site as https://sitename.com/. If the server hosts more than one thing https can't even tell the difference between them. You don't have much choice but to use the protocol users asked for.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

File encryption/Key encryption ????

My dilemma, I need to send, deemed confidential, information via e-mail (SMTP). This information is sitting as a file on AIX. Typically I can send this data as a e-mail attachment via what we term a "mail filter" using telnet. I now would like to somehow encrypt the data and send it to a e-mail... (1 Reply)
Discussion started by: hugow
1 Replies

2. UNIX for Dummies Questions & Answers

to enable POP3(ssl) and SMTP(ssl) in Squid

i have configured Squid proxy server in Fedora 8 with two network interfaces. HTTP, HTTPS, FTP are working fine but we are unable to download mails using mail clients from mail server with POP3(ssl) and SMTP(ssl). so please someone help us how to enable pop and smtp in Squid. (1 Reply)
Discussion started by: praneel2k
1 Replies

3. UNIX for Dummies Questions & Answers

VSFTPD - User or IP based SSL encryption?

Is there a way i can only force SSL encryption if they connect from outside our network OR allow certain IP's to connect without using encryption? (0 Replies)
Discussion started by: mokachoka
0 Replies

4. Infrastructure Monitoring

compiling squid with ssl support

tried to build squid with the following options configure options: '--enable-arp-acl' '--enable-epoll' '--enable-removal-policies=lru,heap' '--enable-snmp' '--enable-delay-pools' '--enable-htcp' '--enable-cache-digests' '--enable-underscores' '--enable-referer-log' '--enable-useragent-log'... (0 Replies)
Discussion started by: hopper195
0 Replies

5. IP Networking

redirecting ssl requests with squid?

say i have an apache server configured for ssl/non ssl virtual hosts and a proxy configured as follows (see squid.conf) the ssl on each name based virtual host is configured on its own port (only 7 of the domains need this the rest are just media and other insignificant bits of data but domains... (1 Reply)
Discussion started by: hopper195
1 Replies

6. Web Development

Apache, cgi script run twice when ssl, once when not ssl

I have interesting problem. https:/host/some/x.cgi - this script has run twice when I call this url But http:/host/some/x.cgi work fine, only once. Output is text/plain. If I change output format to the Content-type text/html, then both urls works fine - executed only once. (2 Replies)
Discussion started by: kshji
2 Replies

7. IP Networking

Squid vs iptables = no Squid access.log?

Hello, I have a pretty useless satellite link at home (far from any civilization), so I wanted to set up caching in order to speed things up. My Squid 2.6 runs "3128 transparent" and is set up quite well on a separate machine. I also have my dd-wrt router to move all port 80 traffic through... (0 Replies)
Discussion started by: theWojtek
0 Replies

8. Cybersecurity

File encryption tools with MAC address as an encryption key

Hi all, I'm looking for secure file encryption tools that use MAC address as encryption key. FYI, I'm using Red Hat Enterprise Linux OS. For example: when A wants to send file to B A will encrypt the file with B's computer MAC/IP address as an encryption key This file can only be decrypted... (2 Replies)
Discussion started by: sergionicosta
2 Replies

9. Linux

Apache wildcard ssl on subdomain serves same page for non ssl virtualhosts

Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website! please advise if I missed any concept / configs... Thank you! httpd.conf <VirtualHost *:80> ServerName www.my-site.com ServerAdmin... (0 Replies)
Discussion started by: ashokvpp
0 Replies

LEARN ABOUT CENTOS

basic_radius_auth

basic_radius_auth(8)					      System Manager's Manual					      basic_radius_auth(8)

NAME

       basic_radius_auth - Squid RADIUS authentication helper

SYNOPSIS

       basic_radius_auth -f config file
       basic_radius_auth -h server name  port ] [-i identifier ] -w secret [-t timeout ]

DESCRIPTION

       basic_radius_auth allows Squid to connect to a RADIUS server to validate the user name and password of Basic HTTP authentication.

OPTIONS

       -f configfile
		   Specifies the path to a configuration file. See the CONFIGURATION section for details on the file content.

       -h server   Alternative method of specifying the server to connect to

       -p port	   Specify  another  server port where the RADIUS server listens for requests if different from the default RADIUS port.  Normally
		   not specified.

       -i identifier
		   Unique identifier identifying this Squid proxy to the RADIUS server.  If not specified the IP address is used to  identify  the
		   proxy.

       -w secret   Alternative	method of specifying the shared secret. Using the -f option with a configuration file is generally more secure and
		   recommended.

       -t timeout  RADIUS request timeout. Default is 10 seconds.

CONFIGURATION

       The configuration specifies how the helper connects to RADIUS.  The file contains a list of directives (one per line). Lines beginning with
       a # are ignored.

       server radiusserver
	      specifies the name or address of the RADIUS server to connect to.

       secret somesecretstring
	      specifies the shared RADIUS secret.

       identifier nameofserver
	      specifies what name the proxy should use to identify itself to the RADIUS server.  This directive is optional.

       port portnumber
	      Specifies the port number or service name where the helper should connect.

       timeout seconds
	      Specifies the RADIUS request timeout.

AUTHOR

       This program is written by Marc van Selm <selm@cistron.nl> Henrik Nordstrom <hno@squid-cache.org>

       With contributions from many others.

       This manual was written by Henrik Nordstrom <hno@squid-cache.org>

COPYRIGHT

       This program and documentation is copyright to the authors named above.

       Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).

QUESTIONS

       Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org>

       Or contact your favorite RADIUS list/friend if the question is more related to RADIUS than Squid.

REPORTING BUGS

       Bug reports need to be made in English.	See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with
       your bug report.

       Report bugs or bug fixes using http://bugs.squid-cache.org/

       Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org>

       Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org>

SEE ALSO

       squid(8), GPL(7),
       RFC2058 - Remote Authentication Dial In User Service (RADIUS)
       The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
       The Squid Configuration Manual http://www.squid-cache.org/Doc/config/

								   7 August 2004					      basic_radius_auth(8)
All times are GMT -4. The time now is 11:15 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy