今天测试了一下在squid上建一个ssl代理转发.其实也蛮容易的.
- https_port 443 cert=/etc/squid/SSL.CRT key=/etc/squid/SSL.KEY defaultsite=ssl.php-oa.com
- cache_peer ssl.php-oa.com parent 80 o no-query no-digest originserver name=www
- cache_peer_homain www .php-oa.com
其实真的很容易.是吧.有个https_port和cache_peer加上那个ssl的地址基本就好了.记的https_port要加defaultsite.不加会下面错
The following error was encountered:
Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed
注
可以使用下面命令可以生成测试用的证书:
openssl req -new -keyout key.pem -nodes -x509 -days 365 -out cert.pem
如果要生成一个证书请求用于申请正式证书请用下面两个命令:
1.生成私钥 openssl genrsa -out key.pem 1024
2.生成待签名证书 openssl req -new -out req.csr -key key.pem
然后将req.csr文件中的内容提交给证书颁发机构。