Jump to content
新域网络技术论坛

FREEBSD中使用SQUID代理HTTPS


Jamers
 Share

Recommended Posts

代理,我要代理

cd /usr/ports/www/squid
make install clean
#要身份验证,把mysql模块选上

cd /usr/ports/databases/p5-DBD-mysql/
make install clean
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
visible_hostname localhost
auth_param basic program /usr/local/libexec/squid/basic_db_auth \
    --dsn "DBI:mysql:host=localhost;port=3306;database=squid" \
    --user squid --password squid --plaintext --persist

auth_param basic children 5
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 1 minute
auth_param basic casesensitive off

acl db-auth proxy_auth REQUIRED
http_access allow db-auth

#http_port 3128
https_port 443 cert=/etc/ssl/squid.crt key=/etc/ssl/squid.key


request_header_access Via deny all
request_header_access X-Forwarded-For deny all
request_header_access All allow all
reply_header_access Server deny all
reply_header_access X-Cache deny all
reply_header_access X-Cache-Lookup deny all
reply_header_access Warning deny all
reply_header_access Expires deny all
reply_header_access Cache-Control deny all
reply_header_access age deny all
#证书最好用正式签发的,因为访问代理服务器的时候需要使用与证书一致的域名进行访问

cd /etc/ssl
openssl req -new -sha256 -keyout squid.key -nodes -x509 -days 3650 -out squid.crt


openssl req -new -sha512 > squid.csr
密码:qqbx.cn
openssl rsa -in privkey.pem -out squid.key
openssl x509 -in squid.csr -out squid.crt -req -signkey squid.key -days 3650
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...