Adam, first of all thanks for your replay... I try your suggestion but the problem persist.
Bellow is acl extract of the squid.conf #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl yahoo dstdomain .msg.yahoo.com acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 81 # http acl Safe_ports port 85 acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT always_direct allow yahoo acl localnet proxy_auth REQUIRED no_cache deny all http_access allow localhost http_access allow manager localhost #http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access deny all never_direct allow all Cheers... -----Mensaje original----- De: Adam Aube [mailto:[EMAIL PROTECTED] Enviado el: Mi�rcoles, 07 de Abril de 2004 14:49 Para: [EMAIL PROTECTED] Asunto: [squid-users] Re: HTTPS site Montervino, Mariano wrote: > I�m using squid Version 2.5.STABLE5 and Samba 3.0.2a in a windows network. > If i configure IE to use "use http 1.1" plus "use http 1.1 through proxy > connection" options i couldn�t access somes site using ssl. The access.log > show that for thats sites the user doesn�t authenticate; but in this > scenario yahoo messenger work fine. > If i configure IE to use only "use http 1.1" option all ssl site work > fine; but in this scenario yahoo messenger stop working. Below is a > extract of access.log I can understand your frustration - we had the same problem at a site I worked at. Never could figure out how to get Yahoo! messenger working, but also didn't invest an enormous amount of time into it, as Yahoo! messenger was personal use, not business-related. One thing you could try is specifically allowing .msg.yahoo.com (using a dstdomain acl) before you require authentication. You would lose the tracking and access control the authentication provides, but that's your call. I would also recommend complaining to Yahoo! about it, as they make the software. Adam
