I've got many servers and I want them to have the same IP when they do requests via the Internet. So I configured a Squid http proxy server that works well for http requests.
The problem is that it do not works for HTTPS requests (the real IP of my server appears…).
Do you have a solution for that ?
Best Answer
You need to use the SSL Bump functionality of Squid in order to be able to filter HTTPS. An easy method to implement this is to use QLProxy as it has the SSL Bump functionality enabled by default.
If you'd like to add it to your existing configuration, you can research it here
SIDE NOTE : SSL was developed, in part, to issue assurances to the connecting party that they are connecting to the service that they are expecting to connect to. Intercepting this transmission, which is what you're trying to accomplish, will break the integrtity of HTTPS and issue certificate warnings to your clients. This can be mitigated by distributing a trusted certificate to all your clients, however there is an ethical issue at play here as you are essentially eavesdropping on traffic that your clients assume is secure.