Thank you Alex for the reply.
Alex: 1. Servers never send SNI. Clients usually send SNI. Squid should
forward SNI it received from the client to the server, provided the client
actually sent SNI. Did your client send SNI?
Sid: I can see in Client Hello IP Address being sent by Client; so there
On 10/30/18 6:45 PM, Arunabha Saha wrote:
> Squid 3.5.25 does not seem to recognise the 408 request timeout error
> code from ICAP.
Squid effectively recognizes ICAP 408 response as an ICAP transaction
error response and blames the ICAP service for that error. That
(minimal) support can be
On 31/10/18 12:49 AM, uppsalanet wrote:
> Thanks,
> Missed that I need to install squid-helpers "yum install squid-helpers" :-)
> Now it's there.
>
> Now I use it like this:
>
> external_acl_type whitelist ttl=60 children-max=1 %SRC %DST
> /usr/lib64/squid/ext_sql_session_acl --user root
On 31/10/18 1:45 AM, Uchenna Nebedum wrote:
> Thanks a lot it works now... I've added site bumping exceptions, and it
> still throws invalid certificate exceptions even though it uses the
> 'ssl_bump stare' configuration, is it possible to reduce the errors?
>
> Uchenna Nebedum
>
Maybe, the
On 30/10/18 4:15 PM, Angus J. wrote:
> Hi Amos
>
> Can I just copy the all squid configure file at /etc/squid/ from 2.7 to 3.5
> ?
>
Sometimes, but usually not *just* that.
The problem is that Squid-2.7 very old and also 2.6 & 2.7 was a fork of
the even older Squid-2.5 code. There have been
Squid 3.5.25 does not seem to recognise the 408 request timeout error code
from ICAP.
The more troublesome issue for me is the exception it generates and then
declares ICAP down after a certain number of such exceptions.
I don't want to disable the failure limit entirely given that we can often
On 10/30/18 2:36 AM, Sid wrote:
> http_port 3128 ssl-bump \
> cert=/usr/local/squid/etc/ssl_cert/myCA.pem \
> generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
> ssl_bump peek step1
> ssl_bump bump all
> Browser & HTTP UA Client connections are working with SSL bump
Thanks,
Missed that I need to install squid-helpers "yum install squid-helpers" :-)
Now it's there.
Now I use it like this:
external_acl_type whitelist ttl=60 children-max=1 %SRC %DST
/usr/lib64/squid/ext_sql_session_acl --user root --password config --table
sessions --cond "" --debug
But
Hi,
I have following Squid version installed on CentOS 7:
[root@localhost ~]# squid -v
Squid Cache: Version 4.3
Service Name: squid
This binary uses OpenSSL 1.0.2k-fips 26 Jan 2017. For legal restrictions on
distribution see https://www.openssl.org/source/license.html
configure options: