troubleshooting Question

Client not able to view secure sites (https) when browsing thru squid

Avatar of Spice_Telecom
Spice_TelecomFlag for India asked on
Linux DistributionsLinux SecurityLinux
11 Comments1 Solution1038 ViewsLast Modified:
Hi,
I am using. Red Hat Enterprise Linux ES release 3 (Taroon) & squid version STABLE2.5. The configuration is herewith attached.  
My requirement is to block all sites and to allow only 3 sites , which are secure sites (https). With the current configuration where i need to change the setting.



http_port 11011
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 16  MB
maximum_object_size_in_memory 100 KB
request_body_max_size 100 KB
reply_body_max_size 0
 
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl Safe_ports port 80 9998 8080   # http
acl Safe_ports port 20 21       # ftp
acl Safe_ports port 443 563 8443            # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 4650        # custom port
acl Safe_ports port 25 110      # pop3 port
acl Safe_ports port 201         # Unknown Port
acl CONNECT method CONNECT
acl intrallow url_regex "/etc/squid/intrallow"
visible_hostname proxy2
 
http_access allow intrallow
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
icp_access allow all
 
httpd_accel_host virtual
httpd_accel_port 80
 
httpd_accel_with_proxy on
memory_pools off
~
ASKER CERTIFIED SOLUTION
Gabriel Orozco
Solution Architect

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 11 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 11 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros