Install squid proxy with –enable-ssl for https_port

→ Are you a new visitor? Please visit the page guidance for new visitors ←

Squid proxy with –enable-ssl

A few months back when I was testing a few reverse proxy for leveraging load on my web server, I needed to setup SSL for one of my websites, unfortunately squid proxy, which I was using for reverse proxy, was not installed by default with –enable-ssl. This is only happening on Debian based servers, I found that on CentOS for example, yum package installer installs squid with ssl. In this article I’m going to show you how you can compile squid and add support for squid proxy with –enable-ssl.

Adding deb-src to source.list

First we will need to add the option to download our source packages from apt, we can do this by editing the following file:

/etc/apt/sources.list

and add there the bellow lines:

Now for you this may be different, but you should just add new lines similar to what you currently have, but started with deb-src.

Next we will navigate to our source folder:

Download and install squid

We then start and download our source files for squid directly from apt package installer:

Next we will need to get some dependencies for compiling:

Next is to start and set some configuration, eg. add –enable-ssl to the rules file:

The parameter needs to be added  somewhere around line 132 # Configure the package.

Then we just start the configure command and wait for it to finish:

Warning! Do not run make and make install, this will get you with errors at the end!

Lastly we need to compile everything and build us the .deb packages:

Manually installing the .deb files

For those of you who probably will still get some errors right at the end, you will probably notice that in your folder /usr/src/ you will have (based on your own version):

Using these files, even if you have had errors when it tried to installed them automatically, you can install them manually like so:

LE: 10 November 2013

Then you are done, you can start using https_port and set your SSL certificates to use SSL with your website. So in a reverse squid proxy configuration, you can use a similar setup:

The public IP address needs to be the one you want squid to listen for SSL requests.

Don’t forget to share it if you like it and comment if you have anything to add.

Request an article ←