Squid Reverse Proxy SSL Termination Problem
I'm using the squid package: 3.1.20 pkg 2.1.0.
Now my plan is to set up my webservers to be available like this:
Internetdomain ---Port:443 SSL---> Squid ---Port:80---> Webserver
If a user tries to connect via port 80, they should get redirected to 443. Squid should terminate SSL and pass the user to the webserver via port 80.
As I didn't find any possibility to set my certificate (the reverse SSL certificate option in the GUI does nothing?), I edited squid.inc to add additional details to my squid.conf.
The configuration now looks like this:
https_port 126.96.36.199:443 accel cert=/usr/pbi/squid-i386/etc/squid/certificate.crt key=/usr/pbi/squid-i386/etc/squid/certificate.key defaultsite=domain.tld vhost
cache_peer 192.168.0.100 parent 80 0 proxy-only no-query no-digest originserver login=PASS round-robin name=rvp_APACHE
acl rdr_dst_webserver dstdomain apache.domain.tld
acl rdr_path_webserver urlpath_regex ^/$
deny_info https://apache.domain.tld/subdirectory rdr_path_webserver
http_access deny HTTPS rdr_dst_webserver rdr_path_webserver
acl rvm_APACHE url_regex -i apache.domain.tld
cache_peer_access rvp_APACHE allow rvm_APACHE
never_direct allow rvm_APACHE
http_access allow rvm_APACHE
What happens when I connect is:
I type apache.domain.tld and get an HTTP connection to the root folder of the webserver. It doesn't redirect to the subdirectory and doesn't secure the public part of the connection.
If I add HTTP in the Squid Redirect Mappings, I get redirected to the right subdirectory and to the https URL, but it just jumps back to http and doesn't secure the public part either.
I think there's some major flaw in my configuration. Maybe something with the regex?
Thanks in advance
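
An added example, not the poster's code and not part of the Squid package: a small Python check run over the directives posted above. It lists ACL names that are referenced but not defined in the fragment, the listeners the fragment declares, and regex ACLs that are unanchored or contain an unescaped dot. The names `CONF`, `parse` and `audit` are assumptions made for this example.

```python
import re

# Directives from the post, one per line, values as posted.
CONF = """\
https_port 126.96.36.199:443 accel cert=/usr/pbi/squid-i386/etc/squid/certificate.crt key=/usr/pbi/squid-i386/etc/squid/certificate.key defaultsite=domain.tld vhost
cache_peer 192.168.0.100 parent 80 0 proxy-only no-query no-digest originserver login=PASS round-robin name=rvp_APACHE
acl rdr_dst_webserver dstdomain apache.domain.tld
acl rdr_path_webserver urlpath_regex ^/$
deny_info https://apache.domain.tld/subdirectory rdr_path_webserver
http_access deny HTTPS rdr_dst_webserver rdr_path_webserver
acl rvm_APACHE url_regex -i apache.domain.tld
cache_peer_access rvp_APACHE allow rvm_APACHE
never_direct allow rvm_APACHE
http_access allow rvm_APACHE
"""

# Index at which the ACL names start in each directive's argument list.
ACL_ARGS_FROM = {"http_access": 1, "never_direct": 1, "cache_peer_access": 2, "deny_info": 1}

def parse(conf):
    """Return (directive, args) pairs, skipping blank and comment lines."""
    lines = (l.strip() for l in conf.splitlines())
    return [(l.split()[0], l.split()[1:]) for l in lines if l and not l.startswith("#")]

def audit(conf):
    rows = parse(conf)
    defined = {"all"} | {a[0] for d, a in rows if d == "acl"}  # "all" is built in
    used = set()
    for d, a in rows:
        if d in ACL_ARGS_FROM:
            used.update(n.lstrip("!") for n in a[ACL_ARGS_FROM[d]:])
    loose = []
    for d, a in rows:
        if d == "acl" and a[1] in ("url_regex", "urlpath_regex"):
            for pat in a[2:]:
                if pat.startswith("-"):      # option such as -i
                    continue
                # Unanchored, or a bare "." that matches any character.
                if not pat.startswith("^") or re.search(r"(?<!\\)\.", pat):
                    loose.append((a[0], pat))
    return {
        "undefined_acls": sorted(used - defined),
        "http_port": [a[0] for d, a in rows if d == "http_port"],
        "https_port": [a[0] for d, a in rows if d == "https_port"],
        "loose_regex": loose,
    }

if __name__ == "__main__":
    for key, value in audit(CONF).items():
        print(f"{key}: {value}")
```

The check only sees the lines given to it, so an ACL it reports as undefined may be defined elsewhere in the generated squid.conf.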