[ZT]squid中实现https的透明代理
2014-03-31 17:47
597 查看
From:http://hi.baidu.com/zkheartboy/blog/item/9e37f0cd374e7f540eb345fe.html
使用iptbales+squid很容易实现http透明代理
如果要https的透明代理也只需要下面两个步骤就行了
1.生成测试用的证书:
openssl req -new -keyout /etc/squid/key.pem -nodes -x509 -days 365 -out /etc/squid/cert.pem
(如果要生成一个证书请求用于申请正式证书请用下面两个命令:
生成私钥 openssl genrsa -out key.pem 1024
生成待签名证书 openssl req -new -out req.csr -key key.pem
然后将req.csr文件中的内容提交给证书颁发机构。)
2. 在squid.conf相应地方添加
https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem
如果出现下面的错误
The following error was encountered:
Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed
只需要在https_port 后面在加transparent
https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem transparent
我的试了,可是不行,错误日志如下,有时间再研究一下:
Aug 13 09:01:01 adsl squid: Bungled squid.conf line 97: https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem
Aug 13 09:05:55 adsl squid: Bungled squid.conf line 97: https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem transparent
Aug 13 09:05:57 adsl squid: Bungled squid.conf line 97: https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem transparent
Aug 13 09:12:02 adsl squid: Bungled squid.conf line 97: https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem
Getting this error when accessing the login for Prepaid Verizon Wireless Link:
1) Error:
=========================================================
"ERROR
The requested URL could not be retrieved
While trying to retrieve the URL: myaccount.verizonwireless.com:443
The following error was encountered:
* Access Denied.
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
./configure --enable-storeio=ufs,null ...
阅读(2657) | 评论(0) | 转发(0) |
0
上一篇:泡沫惊梦
下一篇:许知远:我们这一代
相关热门文章
linux 常见服务端口
【ROOTFS搭建】busybox的httpd...
什么是shell
linux socket的bug??
linux的线程是否受到了保护?...
IBM DS3400 盘阵怎么查看是单...
启动auditd时,报错如下,怎么...
CGSL系统中root密码正确,但无...
在CGSL系统中,如何为不同的用...
CGSL系统如何设置交换分区的大...
给主人留下些什么吧!~~
评论热议
使用iptbales+squid很容易实现http透明代理
如果要https的透明代理也只需要下面两个步骤就行了
1.生成测试用的证书:
openssl req -new -keyout /etc/squid/key.pem -nodes -x509 -days 365 -out /etc/squid/cert.pem
(如果要生成一个证书请求用于申请正式证书请用下面两个命令:
生成私钥 openssl genrsa -out key.pem 1024
生成待签名证书 openssl req -new -out req.csr -key key.pem
然后将req.csr文件中的内容提交给证书颁发机构。)
2. 在squid.conf相应地方添加
https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem
如果出现下面的错误
The following error was encountered:
Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed
只需要在https_port 后面在加transparent
https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem transparent
我的试了,可是不行,错误日志如下,有时间再研究一下:
Aug 13 09:01:01 adsl squid: Bungled squid.conf line 97: https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem
Aug 13 09:05:55 adsl squid: Bungled squid.conf line 97: https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem transparent
Aug 13 09:05:57 adsl squid: Bungled squid.conf line 97: https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem transparent
Aug 13 09:12:02 adsl squid: Bungled squid.conf line 97: https_port 443 cert=/etc/squid/cert.pem /etc/squid/key.pem
Getting this error when accessing the login for Prepaid Verizon Wireless Link:
1) Error:
=========================================================
"ERROR
The requested URL could not be retrieved
While trying to retrieve the URL: myaccount.verizonwireless.com:443
The following error was encountered:
* Access Denied.
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
./configure --enable-storeio=ufs,null ...
阅读(2657) | 评论(0) | 转发(0) |
0
上一篇:泡沫惊梦
下一篇:许知远:我们这一代
相关热门文章
linux 常见服务端口
【ROOTFS搭建】busybox的httpd...
什么是shell
linux socket的bug??
linux的线程是否受到了保护?...
IBM DS3400 盘阵怎么查看是单...
启动auditd时,报错如下,怎么...
CGSL系统中root密码正确,但无...
在CGSL系统中,如何为不同的用...
CGSL系统如何设置交换分区的大...
给主人留下些什么吧!~~
评论热议
相关文章推荐
- squid中实现https的透明代理
- 使用squid搭建https透明代理
- 使用sslsplit实现https,imaps,pop3s, smtps等透明代理
- iptables+NAT+squid 透明代理上网实现方案
- iptables+NAT+squid 透明代理上网实现方案[阮胜昌]
- 利用SQUID做透明代理实现内网访问Internet
- Iptables+squid 多网段透明代理的实现
- squid+iptalbes实现透明代理配置记录
- iptables NAT+squid实现透明代理
- iptables+NAT+squid 透明代理上网实现方案
- iptables+NAT+squid 透明代理上网实现方案
- 成功使用squid+iptables配置透明代理 (zt)
- squid透明代理的安装和实现
- linux下代理服务器配置 用squid+iptables实现透明代理
- 实现squid+iptables+dhcp的透明代理
- iptables NAT+squid实现透明代理
- python之squid实现免费 IP代理 (windows win7 单机 本机 本地 正向代理 区分 HTTPS)
- squid+iptables实现透明代理
- squid+iptables 实现透明代理