On a Debian machine, Squid and Apache are running. HTTPS is enabled with Certbot (Let's Encrypt).
I have several Domains (Vhosts) and I am using one IP-Address for all Domains.
Apache is listening on port 81 (HTTP) and 444 (HTTPS).
My squid.conf looks like this:
# Incoming Connections
http_port 80 accel
cache_peer localhost parent 81 0 no-query originserver
https_port 443 accel defaultsite=yourwebserver vhost
cache_peer localhost parent 444 0 no-query originserver
# ACL
http_access allow all
# Allowed Ports
acl SSL_ports port 443 # https
acl Safe_ports port 80 # http
acl CONNECT method CONNECT
My Problem: Squid asks for Certificates to enable HTTPS when I start the service with the config above.
But for every Domain I use different Certificates. How can I force Squid just to redirect 443 to 444 localhost?
That's the whole idea of HTTPS. You will definitely need certificates to serve certificate-protected content. Otherwise you wouldn't have an HTTP proxy and use NAT or a TCP proxy instead (like nginx with UPSTREAM providers).
That's the idea of SSL (TLS) and the reason why you can (read: you have to) configure different listeners with different properties. Or you use just TCP forwarding without terminating (read: offloading) SSL.
In squid3 the vhost configuration is done like this:
Short answer: You cannot. Try nginx with upstream or just do NAT in your router(s).
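The TCP forwarding suggested in the answers, sketched as an nginx configuration (an added example, not part of the original posts). It assumes nginx is built with the stream module and that Squid no longer binds port 443; the upstream name apache_tls is made up for illustration.

```nginx
# Top level of nginx.conf, next to (not inside) any http { } block.
# The stream module forwards raw TCP: nginx never decrypts the traffic,
# so it needs no certificate or private key of its own.
stream {
    # Hypothetical upstream name; the address is the Apache HTTPS
    # listener from the question (localhost, port 444).
    upstream apache_tls {
        server 127.0.0.1:444;
    }

    server {
        # Public HTTPS port. The TLS handshake, including SNI-based
        # selection of the per-domain Let's Encrypt certificate, is
        # still performed by Apache behind this listener.
        listen 443;
        proxy_pass apache_tls;
    }
}
```

With this setup Apache sees every HTTPS connection as coming from 127.0.0.1, and nothing in front of Apache can cache or inspect the HTTPS responses, because TLS is only terminated at Apache.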