squid-based forward proxy that accepts incoming tls-encrypted connections

we needed to do some interoperability testing, and for that we had to allow http client application to talk with http proxy via secure channel.

on debian 11 i had to install package squid-openssl and add this line in /etc/squid/squid.conf:

https_port 3129 tls-cert=/etc/letsencrypt/live/domain.name.of.proxy/fullchain.pem tls-key=/etc/letsencrypt/live/domain.name.of.proxy/privkey.pem

the ssl cert was generated by certbot certonly.

that’s how i tested it:

curl --proxy https://domain.name.of.proxy:3129  https://kudzia.eu/ip/

Leave a Reply

Your email address will not be published. Required fields are marked *

(Spamcheck Enabled)