[squid-users] squid 2.5pre3 as ssl accelerator. -- almost.. not quite.

following config works.

---------------------------------------
http_port 80
https_port 10.1.1.2:443 cert=/usr/local/squid/etc/cert.pem
key=/usr/local/squid/etc/key.pem
debug_options ALL,1
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_mgr root
cache_effective_user squid
httpd_accel_host <target real server's ip address>
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_with_proxy off
httpd_accel_uses_host_header on

redirect_program /usr/local/squid/bin/squid_redirect.pl
redirect_children 30
redirect_rewrites_host_header off
--------------------------------------

So, only thing i changed is httpd_accel_host, _single_host and _port.. I
changed from virtual to single host.

Does this mean that i can't do Squid 2.5Pre3+ssl accel+httpd accel to
multiple servers in the backend??

thanks,

Mike

----- Original Message -----
From: "Mike Lee" <mlee@netclimb.com>
To: <squid-users@squid-cache.org>
Sent: Thursday, January 24, 2002 3:35 PM
Subject: squid 2.5pre3 as ssl accelerator. -- some log messages

> Here are more info.
>
> cache.log indicated that squid started ok. --------------
> 2002/01/24 16:19:55| Restarting Squid Cache (version 2.5.PRE3)...
> 2002/01/24 16:19:55| FD 19 Closing HTTP connection
> 2002/01/24 16:19:55| FD 54 Closing HTTP connection
> 2002/01/24 16:19:55| DNS Socket created at 0.0.0.0, port 1043, FD 19
> 2002/01/24 16:19:55| Adding nameserver 10.1.1.2 from /etc/resolv.conf
> 2002/01/24 16:19:55| helperOpenServers: Starting 30 'squid_redirect.pl'
> processes
> 2002/01/24 16:19:55| Accepting HTTP connections at 0.0.0.0, port 80, FD
20.
> 2002/01/24 16:19:55| Initialising SSL.
> 2002/01/24 16:19:55| Using certificate in /usr/local/squid/etc/cert.pem
> 2002/01/24 16:19:55| Using private key in /usr/local/squid/etc/key.pem
> 2002/01/24 16:19:55| Accepting HTTPS connections at 10.1.1.2, port 443, FD
> 55.
> 2002/01/24 16:19:55| WCCP Disabled.
> 2002/01/24 16:19:55| Loaded Icons.
> 2002/01/24 16:19:55| Ready to serve requests.
>
> access.log when tried https://server.domain.com ----------------
> 1011916037.433 4 10.1.1.30 TCP_NEGATIVE_HIT/400 849 GET
> http://server.domain.com:443/ - NONE/- text/html
>
>
> thanks,
>
> Mike
> ----- Original Message -----
> From: "Mike Lee" <mlee@netclimb.com>
> To: <squid-users@squid-cache.org>
> Sent: Thursday, January 24, 2002 3:09 PM
> Subject: squid 2.5pre3 as ssl accelerator.
>
>
> > Hi,
> >
> > I'm wondering if anyone can help me. I've gotten the httpd accelerator
to
> > work. I'm trying to get SSL Accel to work.
> >
> > Here is my squid.conf ----------
> > http_port 80
> > https_port 10.1.1.2:443 cert=/usr/local/squid/etc/cert.pem
> > key=/usr/local/squid/etc/key.pem
> > httpd_accel_host virtual
> > httpd_accel_port 0
> > httpd_accel_single_host off
> > httpd_accel_with_proxy off
> > httpd_accel_uses_host_header on
> >
> > redirect_program /usr/local/squid/bin/squid_redirect.pl
> > redirect_children 30
> > redirect_rewrites_host_header off
> > -------------------------------------
> >
> >
> > When client tries to get to the SSL site, error message comes up.
> >
> > Bad Request
> > Your browser sent a request that this server could not understand.
> > Reason: You're speaking plain HTTP to an SSL-enabled server port.
> > Instead use the HTTPS scheme to access this URL, please.
> >
> >
> > Hint: https://server.domain.com:443/
>
> --------------------------------------------------------------------------
> --
> > ---------------
> >
> > To explain exactly what happens..
> >
> > Certificate window does show up. I click on ok to accept the
certificate
> > and this error message shows up.
> >
> > When i tcpdump on the target machine(real server), i don't even see any
> > packets come in. So, i'm pretty sure it's the squid box that giving
this
> > error message back to the client..
> >
> >
> >
> > Help!!
> >
> > Mike
> >
> >
>
Received on Thu Jan 24 2002 - 17:58:33 MST