0
I Recently installed squid as a web proxy, it works fine. But the problem is that connection to the proxy server is not encrypted, so it's visible to any mans in the middle by DPI (Deep Packet Inspection).
I've found --enable-ssl opetion in the squid configurations, but it seems to be useful for reverse proxy or https redirect, that I'm not sure if it would be applicable in securing my client connections to the server. If it is, please give some guidelines on the right configurations.
Another option seems to be, using STunnel for creating a secure tunnel between proxy sever and clients. but i think it may complicates configurations on the client side, as it needs stunnel to be installed and configured on each client system and may be inapplicable on some client host depends on the OS.
So I'm looking to find a way, for users to just enter IP/port and user/pass in their browsers or in their connection profile and get connected to a secure proxy server.
2i3r
Posted 2014-02-26T16:58:59.647
Reputation: 41
Do you mean there is no encryption in http proxy at all?!
I used to hear about https or SSL proxy tunnel. and even some applications such as Firefox, Proxifier and some others suggest https or SSL as an option for the type of proxy for connection. Also one windows equivalent of squid named ccproxy, offer https proxy. So what the SSL Tunnel/HTTPS Tunnel stands for? – 2i3r – 2014-02-26T22:27:32.190
Updated in 2011: http://wiki.squid-cache.org/Features/HTTPS#Encrypted_browser-Squid_connection If you need to encrypt traffic between all browsers-proxy, you need tunnel unless something has changed in recent years.
– Chris – 2014-02-27T08:58:02.047