The SSL proxy module implements the Connect method, an extension to HTTP that can be used to tunnel HTTPS requests. Since an HTTPS request is encrypted it is not possible to proxy it, nor to cache it. Unfortunately, this also means that an SSL proxy can be used to tunnel any TCP/IP connection, something that might break your security scheme. Therefore, it is possible to limit the ports to which the module can connect.

In Netscape terminology, a virtual server with this module enabled is a secure proxy.

Outsiders might get access to your network by connecting to the SSL proxy. Therefore, it is recommended that you use security patterns to limit access to this module to hosts within your network.

Allowed Ports

Limit access to certain ports. Enter 443 here if you only want to allow connections to the standard HTTPS port.

Connection refused message

Message to send to the user in case it was not possible to connect to the server.

Forbidden Ports

Forbid access to certain ports.

No such host message

Message to send to the user if it is impossible to locate the server.