[squid-users] squid 2.5pre3 as ssl accelerator. -- some log messages from Mike Lee on 2002-01-24 (squid-users)

From: Mike Lee <mlee@dont-contact.us>
Date: Thu, 24 Jan 2002 15:35:22 -0800

Here are more info.

cache.log indicated that squid started ok. --------------
2002/01/24 16:19:55| Restarting Squid Cache (version 2.5.PRE3)...
2002/01/24 16:19:55| FD 19 Closing HTTP connection
2002/01/24 16:19:55| FD 54 Closing HTTP connection
2002/01/24 16:19:55| DNS Socket created at 0.0.0.0, port 1043, FD 19
2002/01/24 16:19:55| Adding nameserver 10.1.1.2 from /etc/resolv.conf
2002/01/24 16:19:55| helperOpenServers: Starting 30 'squid_redirect.pl'
processes
2002/01/24 16:19:55| Accepting HTTP connections at 0.0.0.0, port 80, FD 20.
2002/01/24 16:19:55| Initialising SSL.
2002/01/24 16:19:55| Using certificate in /usr/local/squid/etc/cert.pem
2002/01/24 16:19:55| Using private key in /usr/local/squid/etc/key.pem
2002/01/24 16:19:55| Accepting HTTPS connections at 10.1.1.2, port 443, FD
55.
2002/01/24 16:19:55| WCCP Disabled.
2002/01/24 16:19:55| Loaded Icons.
2002/01/24 16:19:55| Ready to serve requests.

access.log when tried https://server.domain.com ----------------
1011916037.433 4 10.1.1.30 TCP_NEGATIVE_HIT/400 849 GET
http://server.domain.com:443/ - NONE/- text/html

thanks,

Mike
----- Original Message -----
From: "Mike Lee" <mlee@netclimb.com>
To: <squid-users@squid-cache.org>
Sent: Thursday, January 24, 2002 3:09 PM
Subject: squid 2.5pre3 as ssl accelerator.

> Hi,
>
> I'm wondering if anyone can help me. I've gotten the httpd accelerator to
> work. I'm trying to get SSL Accel to work.
>
> Here is my squid.conf ----------
> http_port 80
> https_port 10.1.1.2:443 cert=/usr/local/squid/etc/cert.pem
> key=/usr/local/squid/etc/key.pem
> httpd_accel_host virtual
> httpd_accel_port 0
> httpd_accel_single_host off
> httpd_accel_with_proxy off
> httpd_accel_uses_host_header on
>
> redirect_program /usr/local/squid/bin/squid_redirect.pl
> redirect_children 30
> redirect_rewrites_host_header off
> -------------------------------------
>
>
> When client tries to get to the SSL site, error message comes up.
>
> Bad Request
> Your browser sent a request that this server could not understand.
> Reason: You're speaking plain HTTP to an SSL-enabled server port.
> Instead use the HTTPS scheme to access this URL, please.
>
>
> Hint: https://server.domain.com:443/
> --------------------------------------------------------------------------

--
> ---------------
>
> To explain exactly what happens..
>
> Certificate window does show up.  I click on ok to accept the certificate
> and this error message shows up.
>
> When i tcpdump on the target machine(real server), i don't even see any
> packets come in.  So, i'm pretty sure it's the squid box that giving this
> error message back to the client..
>
>
>
> Help!!
>
> Mike
>
>

Received on Thu Jan 24 2002 - 16:35:12 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:56 MST