Yum proxy setup (was (no subject))
Christopher K. Johnson
ckjohnson at gwi.net
Sat Feb 21 16:54:38 UTC 2004
Alexander Dalloz wrote:
>Am Sa, den 21.02.2004 schrieb Telmo Silva um 01:10:
>
>
>>Ok, thanks, just one more question. Should I put
>>
>>export https_proxy=https://proxy:portnum/
>>
>>or
>>
>>export https_proxy=http://proxy:portnum/
>>
>>Thanks,
>>
>>
>
>It obviously depend whether the proxy need SSL encrypted connection
>(https://) or normal (http://) connection. Standard is an unencrypted
>connection to port 3128 or 8080 i.e. So
>
>export https_proxy=http://proxy:portnum/
>
>would be most common.
>
>Alexander
>
>
>
>
Definitely the latter.
In fact https is proxied securely with an http://proxy:portnum/ proxy.
For an https connection what is sent to the proxy server is a connect
request to the secure site, not an http request. If authorized, the
proxy server opens a tcp connection there, and then simply relays all
tcp packets between the client and the secure server, unable to examine
or cache content since an encrypted connection is negotiated between the
client and secure server. Having a proxy configured to answer on a
secure socket would add nothing to the security of the proxied connection.
Chris
--
-----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
More information about the users
mailing list