Re: https

From: Malcolm B.J. Garbutt <mgarbutt@dont-contact.us>
Date: Thu, 16 Oct 1997 21:17:35 +1000 (EST)

He is also using an incorrect certificate.

On Thu, 16 Oct 1997, Redfern Ian wrote:

> The site manager is wrong, and is running an unorthodox (effectively
> broken) configuration.
>
> Look at the lines
>
> acl SSL_ports port 443 563
> acl CONNECT method CONNECT
>
> http_access deny CONNECT !SSL_ports
>
> in squid.conf. Because the proxy cannot interpret SSL - it could be
> anything, possibly even malicious - it only allows SSL traffic to the
> recognised SSL ports: 443 (https) and 563 (secnews).
>
> You can change this by modifying the SSL_ports ACL, but their site is
> going to be difficult to get to for a lot of people behind firewalls or
> filtering routers. Port 2000 is traditionally used for some types of X
> Windows services, so is quite inappropriate to run an SSL web server on.
>
> Ian Redfern (redferni@logica.com).
>

_________________________________________________________
Malcolm Garbutt
Network Operations-
OZLAND.NET MILDURA.NET MURRAY.NET

Office Ph. 03 50 212 991 Office Fax 03 50 212 932
Emergency Ph. 018 596 150

            .....Bringing the World to You......
_________________________________________________________
Received on Thu Oct 16 1997 - 03:01:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:17 MST