On 24/06/2016 3:40 a.m., Hector Chan wrote:
> Yes, you are right. I ran into the same problem as you did, and now I
> remember how I got it to work. I manually patched the version of squid I
> was using to send SNI. Let me if you are interested in going that route.
> If I remember right, it was jus
my next viable option is to see if I
> can bridge the SNI gap with something like STUNNEL.
>
>
>
> Anyone else have any thoughts?
>
>
>
> *From:* Hector Chan [mailto:hectorc...@gmail.com]
> *Sent:* June 22, 2016 1:09 AM
> *To:* Kristopher Lalletti
> *Cc:* squ
: Kristopher Lalletti
Cc: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] cache_peer directive with SNI
Have you looked at the options forceddomain and ssldomain under the cache_peer
directive? Those may be just what you need.
On Tue, Jun 21, 2016 at 8:14 PM, Kristopher Lalletti
On 22/06/2016 3:14 p.m., Kristopher Lalletti wrote:
> Hi All,
>
> I'm replacing an Apache setup as a reverse-proxy with Squid v3.5, and
> I've hit a small snag.
>
> Basically, I need to tell squid to pass the proper SSL SNI name to
> the backend webserver which is accessed via SSL, and naturally,
Have you looked at the options forceddomain and ssldomain under the
cache_peer directive? Those may be just what you need.
On Tue, Jun 21, 2016 at 8:14 PM, Kristopher Lalletti wrote:
> Hi All,
>
> I'm replacing an Apache setup as a reverse-proxy with Squid v3.5, and I've
> hit a small snag.
>
Hi All,
I'm replacing an Apache setup as a reverse-proxy with Squid v3.5, and I've hit
a small snag.
Basically, I need to tell squid to pass the proper SSL SNI name to the backend
webserver which is accessed via SSL, and naturally, the SSL SNI service-name
(service.foo.com) is not the server
