splashx/squid & pac for HTTPS proxy

## squid & pac for HTTPS proxy
# cat /etc/squid/squid.conf

shutdown_lifetime 1 second
auth_param basic program /lib/squid/basic_ncsa_auth /etc/squid/.htpasswd

acl SSL_ports port 443
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443		# https
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
acl CONNECT method CONNECT

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all

https_port 3443 cert=/etc/squid/squid.example.com.pem key=/etc/squid/squid.example.com.key.pem version=4

host_verify_strict on

debug_options ALL,1 82,9 46 #33,2 28,9

coredump_dir /var/spool/squid

refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern .		0	20%	4320

# cat /etc/apache2/sites-available/pac.conf
<VirtualHost pac.example.com*:80>
	ServerName pac.example.com
	DocumentRoot /var/www/html

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	KeepAlive On

	<Directory "/var/www/html">
	  Options -Indexes
	</Directory>

</VirtualHost>

# cat /var/www/html/proxy.pac
function FindProxyForURL(url, host) {

	if (shExpMatch(host, "*.example.com"))
		return "HTTPS squid.example.com:3443;"
	else
		return "DIRECT";

}
	# cat /etc/squid/squid.conf

	shutdown_lifetime 1 second
	auth_param basic program /lib/squid/basic_ncsa_auth /etc/squid/.htpasswd

	acl SSL_ports port 443
	acl Safe_ports port 80 # http
	acl Safe_ports port 21 # ftp
	acl Safe_ports port 443 # https
	acl Safe_ports port 70 # gopher
	acl Safe_ports port 210 # wais
	acl Safe_ports port 1025-65535 # unregistered ports
	acl Safe_ports port 280 # http-mgmt
	acl Safe_ports port 488 # gss-http
	acl Safe_ports port 591 # filemaker
	acl Safe_ports port 777 # multiling http
	acl CONNECT method CONNECT

	http_access deny !Safe_ports
	http_access deny CONNECT !SSL_ports
	http_access allow localhost
	http_access deny all

	https_port 3443 cert=/etc/squid/squid.example.com.pem key=/etc/squid/squid.example.com.key.pem version=4

	host_verify_strict on

	debug_options ALL,1 82,9 46 #33,2 28,9

	coredump_dir /var/spool/squid

	refresh_pattern ^ftp: 1440 20% 10080
	refresh_pattern ^gopher: 1440 0% 1440
	refresh_pattern -i (/cgi-bin/\|\?) 0 0% 0
	refresh_pattern (Release\|Packages(.gz)*)$ 0 20% 2880
	refresh_pattern . 0 20% 4320

	# cat /etc/apache2/sites-available/pac.conf
	<VirtualHost pac.example.com*:80>
	ServerName pac.example.com
	DocumentRoot /var/www/html

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	KeepAlive On

	<Directory "/var/www/html">
	Options -Indexes
	</Directory>

	</VirtualHost>

	# cat /var/www/html/proxy.pac
	function FindProxyForURL(url, host) {

	if (shExpMatch(host, "*.example.com"))
	return "HTTPS squid.example.com:3443;"
	else
	return "DIRECT";

	}