I'd like to locate a server overseas and run squid as a reverse proxy for our site. Say the site is:
eu.website.com
This would point to
www.website.com
through squid. My issue is SSL. I know I'll have to buy a certificate for eu.website.com, but can I pass through the SSL to www.site.com? The setup would look like this
eu.website.com <--> Squid server <--> www.website.com
This whole chain of communication needs to be secure.
If your certificate on www.website.com is publicly signed (opposed to self signed) you should not have any problems. If the certificate on www.website.com if self signed you will need to either specify the CA cert in squid for www.website.com or tell squid to ignore certificate errors (I recommend the first option though).
Plus a cert for eu.website.com to resecure all comms it replies to.
So you will need either a wildcard certificate for *.website.com or certs for both domains. Publicly or self signed.
The only point of unsecured communications then is the actual squid server that just decrypts requests and passes them secuarly on to www.website.com
This is probably what you're looking for:
http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate