Re: [squid-users] Squid 4.3: SSL Bump fails to send client certificate

Thank you Alex for the reply. Alex: 1. Servers never send SNI. Clients usually send SNI. Squid should forward SNI it received from the client to the server, provided the client actually sent SNI. Did your client send SNI? Sid: I can see in Client Hello IP Address being sent by Client; so there

Re: [squid-users] Squid 3.5.25 does not recognise ICAP 408 status code

On 10/30/18 6:45 PM, Arunabha Saha wrote: > Squid 3.5.25 does not seem to recognise the 408 request timeout error > code from ICAP. Squid effectively recognizes ICAP 408 response as an ICAP transaction error response and blames the ICAP service for that error. That (minimal) support can be

Re: [squid-users] redirect based on url (302)

On 31/10/18 12:49 AM, uppsalanet wrote: > Thanks, > Missed that I need to install squid-helpers "yum install squid-helpers" :-) > Now it's there. > > Now I use it like this: > > external_acl_type whitelist ttl=60 children-max=1 %SRC %DST > /usr/lib64/squid/ext_sql_session_acl --user root

Re: [squid-users] ERROR The requested URL could not be retrieved

On 31/10/18 1:45 AM, Uchenna Nebedum wrote: > Thanks a lot it works now... I've added site bumping exceptions, and it > still throws invalid certificate exceptions even though it uses the > 'ssl_bump stare' configuration, is it possible to reduce the errors?  > > Uchenna Nebedum > Maybe, the

Re: [squid-users] Squid proxy not working when upgrade from 27 to 3.5

On 30/10/18 4:15 PM, Angus J. wrote: > Hi Amos > > Can I just copy the all squid configure file at /etc/squid/ from 2.7 to 3.5 > ? > Sometimes, but usually not *just* that. The problem is that Squid-2.7 very old and also 2.6 & 2.7 was a fork of the even older Squid-2.5 code. There have been

[squid-users] Squid 3.5.25 does not recognise ICAP 408 status code

Squid 3.5.25 does not seem to recognise the 408 request timeout error code from ICAP. The more troublesome issue for me is the exception it generates and then declares ICAP down after a certain number of such exceptions. I don't want to disable the failure limit entirely given that we can often

Re: [squid-users] Squid 4.3: SSL Bump fails to send client certificate

On 10/30/18 2:36 AM, Sid wrote: > http_port 3128 ssl-bump \ > cert=/usr/local/squid/etc/ssl_cert/myCA.pem \ > generate-host-certificates=on dynamic_cert_mem_cache_size=4MB > ssl_bump peek step1 > ssl_bump bump all > Browser & HTTP UA Client connections are working with SSL bump

Re: [squid-users] redirect based on url (302)

Thanks, Missed that I need to install squid-helpers "yum install squid-helpers" :-) Now it's there. Now I use it like this: external_acl_type whitelist ttl=60 children-max=1 %SRC %DST /usr/lib64/squid/ext_sql_session_acl --user root --password config --table sessions --cond "" --debug But

[squid-users] Squid 4.3: SSL Bump fails to send client certificate

Hi, I have following Squid version installed on CentOS 7: [root@localhost ~]# squid -v Squid Cache: Version 4.3 Service Name: squid This binary uses OpenSSL 1.0.2k-fips 26 Jan 2017. For legal restrictions on distribution see https://www.openssl.org/source/license.html configure options: