Re: [squid-users] SSL from Mark Tinka on 2001-07-16 (squid-users)

From: Mark Tinka <aknit44@dont-contact.us>
Date: Mon, 16 Jul 2001 00:27:53 -0700 (PDT)

from what u have pasted it's clear that u have not enabled squid to use SSL.. change the following in your squid.conf file...

from:

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

to:

http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports

u have been denying squid's idea of Safe ports and SSL capability... change as shown above and restart squid.. u should be able to log into hotmail and any other SSL site after that...

regards.. AKNIT

--- "Fredrik Falk" <freddy@kurd.nu>
> wrote:
>Hello all!
>I've got a problem with my squid and SSL otherwise it works OK :)
>----
>Squid.conf
>---
>http_port 8080
>httpd_accel_host virtual
>httpd_accel_port 80
>httpd_accel_with_proxy on
>httpd_accel_uses_host_header on
>httpd_accel_single_host off
>debug_options ALL,1
>cache_effective_user nobody
>cache_effective_group nogroup
>cache_mem 4 MB
>cache_swap_low 90
>cache_swap_high 95
>ftp_list_width 64
>request_body_max_size 10 MB
>refresh_pattern ^ftp: 1440 20% 10080
>refresh_pattern ^gopher: 1440 0% 1440
>refresh_pattern . 500 50% 10080
>quick_abort_min 16 KB
>quick_abort_max 16 KB
>quick_abort_pct 99
>acl all src 0.0.0.0/0.0.0.0
>acl manager proto cache_object
>acl localhost src 127.0.0.1/255.255.255.255
>acl SSL_ports port 443
>acl Safe_ports port 80 21 250 443 1025-65535
>acl CONNECT method CONNECT
>acl tvs src 192.168.0.0/255.255.255.0
>
>http_access allow manager localhost
>http_access deny manager
>http_access deny !Safe_ports
>http_access deny CONNECT !SSL_ports
>http_access allow tvs
>http_access deny all
>icp_access allow all
>miss_access allow all
>cache_mgr freddy@kurd.nu
>visible_hostname gozfand
>-------------------------
>When i try to login on hotmail it fails bacause of the SSL. I can't
>browse and SSL pages at all. And the log files dosen't say anything.
>
>On the browser i just get the error:
>
>"The page cannot be displayed"
>
>The standard IE error message..
>
>Im running Squid 2.4 STABLE1 on a Debian 2.2r2. 2.4.6
>
>Anyone know whats wrong?
>
>Thanks!
>Fredrik Falk
>
>-----
>
>Everybody should believe in something--I believe I'll have another drink

_____________________________________________________________
Be different Get yourself a Globenetcafe.net email ID
Uganda's Newest internet cafe www.globenetcafe.net
Received on Mon Jul 16 2001 - 01:30:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:08 MST