Forum OpenACS Q&A: Re: how to config for multiple aolserver instances
while squid supports SSL this does NOT mean that squid can REVERSE proxy SSL servers.
See also http://www.squid-cache.org/mail-archive/squid-users/200005/0745.html as well as various threads on openacs.org.
that is (partially) correct. Yes, you can NOT proxy an SSL server. That is you can NOT setup the following scenario:
- https://dev.domain.com/ and
both behind a proxy. The proxy can NOT pass the https requests on to the virtual domains.
However, you can setup a proxy server that handles ALL SSL negotiations and passes the https requests on as http requests to the appropriate virtual domain. In other words, when the proxy receives a request for https://dev.domain.com/ it will authenticate the secure request and forward the request to http://dev.domain.com/. The virtual web servers never see a secure connection.
Pound (http://www.apsis.ch/pound/) is a reverse proxy that I know of to support this configuration.
In order to do this, the proxy would require a wildcard certificate for *.domain.com so that it can authenticate requests for both subdomains in the above example.