AW: [squid-users] squid 2.5pre3 as ssl accelerator. -- almost.. not quite.

Hi,

I'm trying to do the same config as you but when compiling squid I get this:

Making all in lib
make[1]: Entering directory `/squid-2.5.PRE3/lib'
source='rfc2617.c' object='rfc2617.o' libtool=no \
depfile='.deps/rfc2617.Po' tmpdepfile='.deps/rfc2617.TPo' \
depmode=gcc /bin/sh ../cfgaux/depcomp \
gcc -DHAVE_CONFIG_H -I. -I. -I../include -I../include -I../include -g -W
all -c `test -f rfc2617.c || echo './'`rfc2617.c
In file included from rfc2617.c:52:
../include/md5.h:18: #error Cannot find OpenSSL headers
make[1]: *** [rfc2617.o] Error 1
make[1]: Leaving directory `/squid-2.5.PRE3/lib'
make: *** [all-recursive] Error 1

I use kernel 2.4.10, squid-2.5pre3, openssl 0.96b.

Help please

thanx
Philipp

> -----Ursprüngliche Nachricht-----
> Von: Mike Lee [mailto:mlee@netclimb.com]
> Gesendet: Freitag, 25. Januar 2002 01:59
> An: squid-users@squid-cache.org
> Betreff: [squid-users] squid 2.5pre3 as ssl accelerator. --
> almost.. not
> quite.
>
>
> following config works.
>
> ---------------------------------------
> http_port 80
> https_port 10.1.1.2:443 cert=/usr/local/squid/etc/cert.pem
> key=/usr/local/squid/etc/key.pem
> debug_options ALL,1
> acl all src 0.0.0.0/0.0.0.0
> http_access allow all
> cache_mgr root
> cache_effective_user squid
> httpd_accel_host <target real server's ip address>
> httpd_accel_port 80
> httpd_accel_single_host on
> httpd_accel_with_proxy off
> httpd_accel_uses_host_header on
>
> redirect_program /usr/local/squid/bin/squid_redirect.pl
> redirect_children 30
> redirect_rewrites_host_header off
> --------------------------------------
>
> So, only thing i changed is httpd_accel_host, _single_host
> and _port.. I
> changed from virtual to single host.
>
> Does this mean that i can't do Squid 2.5Pre3+ssl accel+httpd accel to
> multiple servers in the backend??
>
> thanks,
>
> Mike
>
> ----- Original Message -----
> From: "Mike Lee" <mlee@netclimb.com>
> To: <squid-users@squid-cache.org>
> Sent: Thursday, January 24, 2002 3:35 PM
> Subject: squid 2.5pre3 as ssl accelerator. -- some log messages
>
>
> > Here are more info.
> >
> > cache.log indicated that squid started ok. --------------
> > 2002/01/24 16:19:55| Restarting Squid Cache (version 2.5.PRE3)...
> > 2002/01/24 16:19:55| FD 19 Closing HTTP connection
> > 2002/01/24 16:19:55| FD 54 Closing HTTP connection
> > 2002/01/24 16:19:55| DNS Socket created at 0.0.0.0, port 1043, FD 19
> > 2002/01/24 16:19:55| Adding nameserver 10.1.1.2 from
> /etc/resolv.conf
> > 2002/01/24 16:19:55| helperOpenServers: Starting 30
> 'squid_redirect.pl'
> > processes
> > 2002/01/24 16:19:55| Accepting HTTP connections at 0.0.0.0,
> port 80, FD
> 20.
> > 2002/01/24 16:19:55| Initialising SSL.
> > 2002/01/24 16:19:55| Using certificate in
> /usr/local/squid/etc/cert.pem
> > 2002/01/24 16:19:55| Using private key in
> /usr/local/squid/etc/key.pem
> > 2002/01/24 16:19:55| Accepting HTTPS connections at
> 10.1.1.2, port 443, FD
> > 55.
> > 2002/01/24 16:19:55| WCCP Disabled.
> > 2002/01/24 16:19:55| Loaded Icons.
> > 2002/01/24 16:19:55| Ready to serve requests.
> >
> > access.log when tried https://server.domain.com ----------------
> > 1011916037.433 4 10.1.1.30 TCP_NEGATIVE_HIT/400 849 GET
> > http://server.domain.com:443/ - NONE/- text/html
> >
> >
> > thanks,
> >
> > Mike
> > ----- Original Message -----
> > From: "Mike Lee" <mlee@netclimb.com>
> > To: <squid-users@squid-cache.org>
> > Sent: Thursday, January 24, 2002 3:09 PM
> > Subject: squid 2.5pre3 as ssl accelerator.
> >
> >
> > > Hi,
> > >
> > > I'm wondering if anyone can help me. I've gotten the
> httpd accelerator
> to
> > > work. I'm trying to get SSL Accel to work.
> > >
> > > Here is my squid.conf ----------
> > > http_port 80
> > > https_port 10.1.1.2:443 cert=/usr/local/squid/etc/cert.pem
> > > key=/usr/local/squid/etc/key.pem
> > > httpd_accel_host virtual
> > > httpd_accel_port 0
> > > httpd_accel_single_host off
> > > httpd_accel_with_proxy off
> > > httpd_accel_uses_host_header on
> > >
> > > redirect_program /usr/local/squid/bin/squid_redirect.pl
> > > redirect_children 30
> > > redirect_rewrites_host_header off
> > > -------------------------------------
> > >
> > >
> > > When client tries to get to the SSL site, error message comes up.
> > >
> > > Bad Request
> > > Your browser sent a request that this server could not understand.
> > > Reason: You're speaking plain HTTP to an SSL-enabled server port.
> > > Instead use the HTTPS scheme to access this URL, please.
> > >
> > >
> > > Hint: https://server.domain.com:443/
> >
> >
> --------------------------------------------------------------
> ------------
> > --
> > > ---------------
> > >
> > > To explain exactly what happens..
> > >
> > > Certificate window does show up. I click on ok to accept the
> certificate
> > > and this error message shows up.
> > >
> > > When i tcpdump on the target machine(real server), i
> don't even see any
> > > packets come in. So, i'm pretty sure it's the squid box
> that giving
> this
> > > error message back to the client..
> > >
> > >
> > >
> > > Help!!
> > >
> > > Mike
> > >
> > >
> >
>
Received on Sun Jan 27 2002 - 03:46:48 MST