On 4/20/22 16:05, Zaheer Shaikh wrote:
let me try setting up https.
Is a private key needed for tls-cert bundle?
Yes, it is needed, either in the tls-cert bundle or in the tls-key=file.
See https_port documentation for details.
You are setting up an HTTPS forward proxy (as far as this https_port is
concerned). For a TLS client to trust such a proxy, the proxy must
identify itself (and sign traffic) with a trusted (by the client)
certificate. Doing so naturally requires the proxy to possess the
matching private certificate key. This aspect is similar to how an HTTPS
server identifies itself to TLS clients.
HTH,
Alex.
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
