May 7, 2010

Squid Proxy SSL HTTPS non standard ports

By Geekphreek

It’s amazing at how elusive some of the simplest things can be. For a few days I’ve struggled to work out why I can’t proxy to non-standard SSL/HTTPS ports using Squid.

Well it turns out that I either didn’t look close enough at the config file, or there’s a serious lack of documentation on this matter. Maybe a little of both (and I tried the IRC channel for #squid on Freenode, idlers galore!).

Well, it’s this simple: I want to connect to a new HTTPS server which I have set the port to as 4444 for Exchange OWA. Squid will give you a configuration error or a not allowed message when you try to proxy to any port other than 443 which is the standard allowed SSL.

To fix this, add your port to the line in the config file:

acl SSL_ports port 443

so it becomes

acl SSL_ports port 443 4444

/etc/init.d/squid3 reload

That’s it, job done.