Configuring Squid as an accelerator/SSL offload for Outlook Web Access
2016-04-19 09:59
525 查看
reference:http://wiki.squid-cache.org/SquidFaq/ReverseProxy/
Contents
Configuring Squid as an accelerator/SSL offload for Outlook Web Access
Outline
Setup
Configuration
Troubleshooting
OWA works but ActiveSync fails
See also
Thanks
The IP of the Squid server (ip_of_squid)
The 'public' domain used for Outlook Web Access (owa_domain_name)
The IP of the Outlook Web Access server (ip_of_owa_server)
Please note that the https_port and cache_peer lines may wrap in your browser!
If the connection to the OWA server requires SSL then the cache_peer line should be changed appropriately:
an apparent bug in Squid-3.1 means that https_port may also need to use the connection-auth=off option for now.
Configuring Squid as an accelerator/SSL offload for Outlook Web Access
Warning: Any example presented here is provided "as-is" with no support or guarantee of suitability. If you have any further questions about these examples please email the squid-users mailing list.Contents
Configuring Squid as an accelerator/SSL offload for Outlook Web Access
Outline
Setup
Configuration
Troubleshooting
OWA works but ActiveSync fails
See also
Thanks
Outline
Squid can be easily used to provide SSL acceleration services for Outlook Web Access. It can also speak SSL to the backend Exchange server. Later versions of Squid-2.6 support all the methods used by WebDAV by default. Please consider upgrading to at least the latest Squid-2.6 STABLE release before attempting this.Setup
The example situation involves a single Outlook Web Access server and a single Squid server. The following information is required:The IP of the Squid server (ip_of_squid)
The 'public' domain used for Outlook Web Access (owa_domain_name)
The IP of the Outlook Web Access server (ip_of_owa_server)
Configuration
This configuration MUST appear at the top of squid.conf above any other forward-proxy configuration (http_access etc). Otherwise the standard proxy access rules block some people viewing the accelerated site. |
https_port ip_of_squid:443 accel cert=/path/to/certificate/ defaultsite=owa_domain_name cache_peer ip_of_owa_server parent 80 0 no-query originserver login=PASS front-end-https=on name=owaServer acl OWA dstdomain owa_domain_name cache_peer_access owaServer allow OWA never_direct allow OWA # lock down access to only query the OWA server! http_access allow OWA http_access deny all miss_access allow OWA miss_access deny all
If the connection to the OWA server requires SSL then the cache_peer line should be changed appropriately:
cache_peer ip_of_owa_server parent 443 0 no-query originserver login=PASS ssl sslcert=/path/to/client-certificate name=owaServer
an apparent bug in Squid-3.1 means that https_port may also need to use the connection-auth=off option for now.
相关文章推荐
- nginx 一二事(3) - 反向代理以及负载均衡
- 使用Squid做代理服务器,Squid单网卡透明代理配置详解(转)
- 使用Squid做代理服务器,Squid单网卡透明代理配置详解(转)
- Node.js站点使用Nginx作反向代理时配置GZip压缩的教程
- nginx 结合tomcat 做简单的反向代理
- squid做代理服务器实例配置
- squid实例配置之静态cdn
- nginx安装,反向代理配置
- 初实nginx服务器配置之反向代理服务技术
- squid 代理服务
- 架构高性能网站秘笈(四)——反向代理缓存
- Nginx简介及用户认证、访问控制和反向代理配置
- 抛弃Nginx使用nodejs做反向代理服务器
- 正向代理--反向代理
- Linux下Squid代理服务器的安装与配置,带用户认证功能
- ubuntu安装配置squid进行代理
- 如何部署一个squid代理
- Squid简介以及代理等配置
- nginx反向代理同一主机多个网站域名
- 均衡负载和反向代理