05-13-2011
Quote:
Originally Posted by
majid.merkava
Hi guys,
I want to configure squid server with SSL so that users send clear text username/password and also data in encrypted mode.
Doesn't work that way. You can't arbitrarily substitute https for http, they're not direct equivalents. https doesn't support virtual hostnaming for example -- meaning
http://sitename.com/ isn't necessarily the same site as
https://sitename.com/. If the server hosts more than one thing https can't even tell the difference between them. You don't have much choice but to use the protocol users asked for.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
My dilemma,
I need to send, deemed confidential, information via e-mail (SMTP). This information is sitting as a file on AIX. Typically I can send this data as a e-mail attachment via what we term a "mail filter" using telnet. I now would like to somehow encrypt the data and send it to a e-mail... (1 Reply)
Discussion started by: hugow
1 Replies
2. UNIX for Dummies Questions & Answers
i have configured Squid proxy server in Fedora 8 with two network interfaces.
HTTP, HTTPS, FTP are working fine but we are unable to download mails using mail clients from mail server with POP3(ssl) and SMTP(ssl).
so please someone help us how to enable pop and smtp in Squid. (1 Reply)
Discussion started by: praneel2k
1 Replies
3. UNIX for Dummies Questions & Answers
Is there a way i can only force SSL encryption if they connect from outside our network OR allow certain IP's to connect without using encryption? (0 Replies)
Discussion started by: mokachoka
0 Replies
4. Infrastructure Monitoring
tried to build squid with the following options
configure options: '--enable-arp-acl' '--enable-epoll' '--enable-removal-policies=lru,heap' '--enable-snmp' '--enable-delay-pools' '--enable-htcp' '--enable-cache-digests' '--enable-underscores' '--enable-referer-log' '--enable-useragent-log'... (0 Replies)
Discussion started by: hopper195
0 Replies
5. IP Networking
say i have an apache server configured for ssl/non ssl virtual hosts and a proxy configured as follows (see squid.conf)
the ssl on each name based virtual host is configured on its own port (only 7 of the domains need this the rest are just media and other insignificant bits of data but domains... (1 Reply)
Discussion started by: hopper195
1 Replies
6. Web Development
I have interesting problem.
https:/host/some/x.cgi
- this script has run twice when I call this url
But
http:/host/some/x.cgi
work fine, only once.
Output is text/plain.
If I change output format to the Content-type text/html,
then both urls works fine - executed only once. (2 Replies)
Discussion started by: kshji
2 Replies
7. IP Networking
Hello,
I have a pretty useless satellite link at home (far from any civilization), so I wanted to set up caching in order to speed things up. My Squid 2.6 runs "3128 transparent" and is set up quite well on a separate machine.
I also have my dd-wrt router to move all port 80 traffic through... (0 Replies)
Discussion started by: theWojtek
0 Replies
8. Cybersecurity
Hi all,
I'm looking for secure file encryption tools that use MAC address as encryption key. FYI, I'm using Red Hat Enterprise Linux OS.
For example: when A wants to send file to B
A will encrypt the file with B's computer MAC/IP address as an encryption key
This file can only be decrypted... (2 Replies)
Discussion started by: sergionicosta
2 Replies
9. Linux
Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website!
please advise if I missed any concept / configs... Thank you!
httpd.conf
<VirtualHost *:80>
ServerName www.my-site.com
ServerAdmin... (0 Replies)
Discussion started by: ashokvpp
0 Replies
LEARN ABOUT CENTOS
basic_radius_auth
basic_radius_auth(8) System Manager's Manual basic_radius_auth(8)
NAME
basic_radius_auth - Squid RADIUS authentication helper
SYNOPSIS
basic_radius_auth -f config file
basic_radius_auth -h server name port ] [-i identifier ] -w secret [-t timeout ]
DESCRIPTION
basic_radius_auth allows Squid to connect to a RADIUS server to validate the user name and password of Basic HTTP authentication.
OPTIONS
-f configfile
Specifies the path to a configuration file. See the CONFIGURATION section for details on the file content.
-h server Alternative method of specifying the server to connect to
-p port Specify another server port where the RADIUS server listens for requests if different from the default RADIUS port. Normally
not specified.
-i identifier
Unique identifier identifying this Squid proxy to the RADIUS server. If not specified the IP address is used to identify the
proxy.
-w secret Alternative method of specifying the shared secret. Using the -f option with a configuration file is generally more secure and
recommended.
-t timeout RADIUS request timeout. Default is 10 seconds.
CONFIGURATION
The configuration specifies how the helper connects to RADIUS. The file contains a list of directives (one per line). Lines beginning with
a # are ignored.
server radiusserver
specifies the name or address of the RADIUS server to connect to.
secret somesecretstring
specifies the shared RADIUS secret.
identifier nameofserver
specifies what name the proxy should use to identify itself to the RADIUS server. This directive is optional.
port portnumber
Specifies the port number or service name where the helper should connect.
timeout seconds
Specifies the RADIUS request timeout.
AUTHOR
This program is written by Marc van Selm <selm@cistron.nl> Henrik Nordstrom <hno@squid-cache.org>
With contributions from many others.
This manual was written by Henrik Nordstrom <hno@squid-cache.org>
COPYRIGHT
This program and documentation is copyright to the authors named above.
Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org>
Or contact your favorite RADIUS list/friend if the question is more related to RADIUS than Squid.
REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with
your bug report.
Report bugs or bug fixes using http://bugs.squid-cache.org/
Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org>
Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org>
SEE ALSO
squid(8), GPL(7),
RFC2058 - Remote Authentication Dial In User Service (RADIUS)
The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
The Squid Configuration Manual http://www.squid-cache.org/Doc/config/
7 August 2004 basic_radius_auth(8)