Jump to content
新域网络技术论坛
Sign in to follow this  
Jamers

FREEBSD中使用SQUID代理HTTPS

Recommended Posts

代理,我要代理

cd /usr/ports/www/squid
make install clean
#要身份验证,把mysql模块选上

cd /usr/ports/databases/p5-DBD-mysql/
make install clean
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
visible_hostname localhost
auth_param basic program /usr/local/libexec/squid/basic_db_auth \
    --dsn "DBI:mysql:host=localhost;port=3306;database=squid" \
    --user squid --password squid --plaintext --persist

auth_param basic children 5
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 1 minute
auth_param basic casesensitive off

acl db-auth proxy_auth REQUIRED
http_access allow db-auth

#http_port 3128
https_port 443 cert=/etc/ssl/squid.crt key=/etc/ssl/squid.key


request_header_access Via deny all
request_header_access X-Forwarded-For deny all
request_header_access All allow all
reply_header_access Server deny all
reply_header_access X-Cache deny all
reply_header_access X-Cache-Lookup deny all
reply_header_access Warning deny all
reply_header_access Expires deny all
reply_header_access Cache-Control deny all
reply_header_access age deny all
#证书最好用正式签发的,因为访问代理服务器的时候需要使用与证书一致的域名进行访问

cd /etc/ssl
openssl req -new -sha256 -keyout squid.key -nodes -x509 -days 3650 -out squid.crt


openssl req -new -sha512 > squid.csr
密码:qqbx.cn
openssl rsa -in privkey.pem -out squid.key
openssl x509 -in squid.csr -out squid.crt -req -signkey squid.key -days 3650

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...