[OpenIndiana-discuss] web proxy server w/SSL/TLS termination (on OI)
Tim Mooney
Tim.Mooney at ndsu.edu
Mon Dec 24 21:18:18 UTC 2018
In regard to: [OpenIndiana-discuss] web proxy server w/SSL/TLS termination...:
> I would like to be able to do some basic web surfing on these older
> boxes.
TLS is going to be just one of the issues you encounter. Poor or missing
support for HTML 5, CSS, and JavaScript in older browsers are going to be
an impediment too.
> What I'm looking at doing is setting up a web proxy, and, having that
> web proxy also do the SSL/TLS termination. Ideally, this proxy software
> would run on OI.
Ok, you're talking about a *forward* proxy.
A TLS or SSL terminating proxy is more often used in a reverse proxy
config, but as the wiki article you linked mentions, there are reasons
to do encryption termination even with a forward proxy.
I have a bunch of experience with reverse proxies, but not much with
forward proxies.
Still, if I were trying to do what you're trying, I would start with
Apache httpd. It supports forward proxying, there's a ton of
documentation on Apache httpd, and a recent version is part of OI.
Some googling makes it look like forward proxying is (like reverse
proxying) pretty easy to set up:
https://theheat.dk/blog/?p=929
The thing to be very careful with is restricting access, so that your
system doesn't become an open web proxy. Any documentation on forward
proxying with httpd will likely stress that.
Good luck!
Tim
--
Tim Mooney Tim.Mooney at ndsu.edu
Enterprise Computing & Infrastructure 701-231-1076 (Voice)
Room 242-J6, Quentin Burdick Building 701-231-8541 (Fax)
North Dakota State University, Fargo, ND 58105-5164
More information about the openindiana-discuss
mailing list