[squid-users] State of www1.ngtech.co.il

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi list, does anybody know what is the matter with www1.ngtech.co.il? This is the source for RPM packages of squid but it seems to be dried up for some days now. Regards - -- Henri Wahl IT Department Leibniz-Institut fuer Festkoerper- u.

Re: [squid-users] ***SPAM*** Re: Random SSL bump DB corruption

Yuri, We’re trying that : - Tproxy - ssl_bump bump all does not work. We have followed the squid wiki regarding iptables rules, sysctl, etc… Instead “ssl_bump bump all”, if we use “ssl_bump server-first all” , it works, the https is decrypted. So is the tproxy

Re: [squid-users] ***SPAM*** Re: Random SSL bump DB corruption

Yuri, So what’s next ? Do you mean we must “do-not-ssl-bump” wrong certificats ? And if a certificate not yet identified is requested by an user it’ll crash the Squid ? Any idea how to fix that issue ? Thanks in advance. Bye Fred De : Yuri Voinov [mailto:yvoi...@gmail.com]

Re: [squid-users] ***SPAM*** Re: Random SSL bump DB corruption

Yury, I checked the source code (3.4/3.5) ssl_crtd, the default size is 2048. -b fs_block_size File system block size in bytes. Need for processing natural size of certificate on disk. Default value is 2048 bytes. /** \ingroup ssl_crtd

Re: [squid-users] Random SSL bump DB corruption

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Don't think this is critical. What is native fs block size? 09.04.15 13:29, Stakres пишет: Hi Yuri, We have checked the sslproxy_capath, all certifs updated. OpenSSL is: OpenSSL 1.0.1e 11 Feb 2013 (Debian 7.8) Additional point, the

Re: [squid-users] State of www1.ngtech.co.il

What I found, was I couldn't yum install . yum update but I would directly download the rpm with wget (with out a proxy as well !). strange ! On 9 April 2015 at 16:47, Henri Wahl h.w...@ifw-dresden.de wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi list, does anybody know what is

Re: [squid-users] Random SSL bump DB corruption

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Don't think this is critical. What is native fs block size? 09.04.15 13:29, Stakres пишет: Hi Yuri, We have checked the sslproxy_capath, all certifs updated. OpenSSL is: OpenSSL 1.0.1e 11 Feb 2013 (Debian 7.8) Additional point, the

Re: [squid-users] ***SPAM*** Re: Random SSL bump DB corruption

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I think,first you can try new stage-based SSL bump with 3.5.x. To do that you must identify problem sites. If there is no results, you can simple bypass problem sites without bump. Whole server-first bump, on Squid 3.5.x especially, is not so