Re: [squid-users] understanding ssl entries in the cache log

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 6 Sep 2002 09:46:33 +0200

Good question. Have never used the debug messages of ssl.c. In fact
there isn't much to say about "ssl" connections in terms of Squid as
Squid only sets up a bidirectional tunnel for forwarding the traffic
when receiving a CONNECT request, it does not at all look at the data
sent via this tunnel (all is supposedly end-to-end encrypted).

The descriptions to the debug messages is the source code.

What kind of differences have you found?

If I were you I would probably start by running ssldump on the outside
leg of the proxy to try to take a peek at the actual SSL stream.
(full decoding only possible if you have access to the servers
private key).

Regards
Henrik

On Friday 06 September 2002 03.37, Noel Clarkson wrote:
> Hi all,
>
> I'm trying to find a problem with a ssl connection and so have
> turned on the ssl debugging in the cache and have found that my two
> connections give different results (one connection works the other
> doesn't). This is good, but I don't really understand what the log
> is telling me so I don't know where to look next. Is there a
> description of what I should see in a normal connection or of what
> the ssl lines in the cache.log mean somewhere?
>
> cheers,
>
> noel
Received on Fri Sep 06 2002 - 01:47:03 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:08 MST