Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-24 Thread David Touzeau
-Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of David Touzeau Sent: Tuesday, January 24, 2017 11:42 To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transp

Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-24 Thread David Touzeau
This is a different log trace from David's. Here Squid is setting up a TUNNEL to the client's original dst-IP, successfully. Any TLS funky stuff going on for this transaction is done directly between server and client. Squid's only involvement is to peek at the Hello messages and record them for i

Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-23 Thread Amos Jeffries
> On Mon, 2017-01-23 at 19:54 -0700, Alex Rousskov wrote: >> On 01/23/2017 04:28 PM, David Touzeau wrote: >>> >>> ssl_bump peek ssl_step1 >>> ssl_bump splice all >>> >>> sslproxy_flags DONT_VERIFY_PEER >>> sslproxy_cert_error allow all >> >>> >>> When connecting to mozilla.org using transparent, we

Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-23 Thread James Lay
On Mon, 2017-01-23 at 19:54 -0700, Alex Rousskov wrote: > On 01/23/2017 04:28 PM, David Touzeau wrote: > > > > ssl_bump peek ssl_step1 > > ssl_bump splice all > > > > sslproxy_flags DONT_VERIFY_PEER > > sslproxy_cert_error allow all > > > > > When connecting to mozilla.org using transparent, we

Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-23 Thread Alex Rousskov
On 01/23/2017 04:28 PM, David Touzeau wrote: > ssl_bump peek ssl_step1 > ssl_bump splice all > > sslproxy_flags DONT_VERIFY_PEER > sslproxy_cert_error allow all > When connecting to mozilla.org using transparent, we receive this error: > > * About to connect() to www.mozilla.org port 443 (#0) >

Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-23 Thread Amos Jeffries
On 24/01/2017 2:11 p.m., David Touzeau wrote: > From: Amos Jeffries > > On 24/01/2017 12:28 p.m., David Touzeau wrote: >> Same issue with https://www.digitalocean.com/ has nobody >> encountered the issue using Squid in transparent mode with SSL ?? >> > > The TLS / HTTPS environment is in t

Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-23 Thread David Touzeau
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Amos Jeffries Sent: Tuesday, January 24, 2017 01:01 To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol On 24/01

Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-23 Thread Amos Jeffries
On 24/01/2017 12:28 p.m., David Touzeau wrote: > Same issue with https://www.digitalocean.com/ > has nobody encountered the issue using Squid in transparent mode with > SSL ?? > The TLS / HTTPS environment is in the process of stabilizing, but still quite volatile. Since the error messag

Re: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-23 Thread David Touzeau
19:49 To: squid-users@lists.squid-cache.org Subject: [squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol Hi I'm using SSL transparent method : https_port 0.0.0.0:53695 intercept disable-pmtu-discovery=transparent name=MyPortNameID2

[squid-users] [3.5.23]: mozilla.org failed using SSL transparent SSL23_GET_SERVER_HELLO:unknown protocol

2017-01-22 Thread David Touzeau
Hi I'm using SSL transparent method : https_port 0.0.0.0:53695 intercept disable-pmtu-discovery=transparent name=MyPortNameID22 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/ssl/cb623e9bfc65772f68b84393604cd6ea.dyn sslproxy_foreign_intermediate_certs