I have a
squid instance (v4.6) on a public address A.B.C.D setup with basic_auth (ldap backend). This works over **unencrypted** port, say 8080, using http_port A.B.C.D:8080. I'm trying to fiugre out how to secure connections to my squid over the insecure Internet (only authenticated users should be allwed to use the proxy). I'm using PROXY in the current Firefox 75 to test the connection.
I tried many things, including:
https_port A.B.C.D:8443 tls-cert=/path/to/cert tls-key=/path/to/key
SLL_ports 8443
When I enter this port to the Firefox PROXY settings, nothing happens, no basic_auth prompt, is shown, nothing.
Logs say:
1587588731.539 0 F.G.H.I NONE/000 0 NONE error:transaction-end-before-headers - HIER_NONE/- -
Is it possible to secure basic_auth (using TLS) when using PROXY? Sending unencrypted passwords over the Internet is simply wrong. I started to think about putting nginx with TLS and basic_auth in front of squid, but I do not know yet if this is possible.
Could someone help?
Asked by Kamil
(1501 rep)
Apr 22, 2020, 09:01 PM
Last activity: Apr 8, 2025, 04:08 AM
Last activity: Apr 8, 2025, 04:08 AM