Marcello, Thank you.. this is good except that I need to configure all my browsers for downloading the pac file, and some Adware,/antivirus will not auto discover this.. my users are linux as well as windows sadly. So while this is a lot more practical then manually configuring proxies in the machines it is not an option for for the requirement of this project.
Thanks. -Matt On Thu, Oct 29, 2009 at 3:55 PM, Bob Beck <b...@ualberta.ca> wrote: > browsing ssl by IP addresses will also result in certificate conflicts > - because the ssl cert is for the name not the IP address. > > So if they were willing to do that, they're willing to have your > stupid reverse proxy mitm all your certificates since they'll also > fail. > > Perhaps between my extermely subtle taunting, I should give up and > just ask you *why* the hell do you want to do this? > > > 2009/10/29 Matthew Young <myoung24...@gmail.com>: >> THis is great, however out LAN users are all technical. they would >> know and the next thing I have is people browsing the internet through >> IPs. >> >> It was good, but not applicable here. >> >> >> On Thu, Oct 29, 2009 at 3:11 PM, Chris Kuethe <chris.kue...@gmail.com> wrote: >>> So run your own dns and only resolve good domains. Then the proxy can only >>> find the things you want it to. >>> >>> On Oct 29, 2009 1:03 PM, "Matthew Young" <myoung24...@gmail.com> wrote: >>> >>> Hello, >>> >>> If I use a reverse proxy I would have to know the SSL key of the >>> remote SSL site. (gmail.com) so that the reverse proxy server would >>> decrypt and encrypt. Iam not mistaken. >>> >>> -- Matt >>> >>> On Thu, Oct 29, 2009 at 2:50 PM, Bob Beck <b...@ualberta.ca> wrote: > apache >>> or other reverse proxy...
