[squid-users] HTTPS sites from Fernando Ruza on 2003-05-26 (squid-users)

From: Fernando Ruza <fernandor@dont-contact.us>
Date: 26 May 2003 10:13:33 +0200

Hi everybody,

I'm having a strange problem browsing https sites. I can access and
browse to https sites well however, when I access to my bank account for
example, sometimes when I login with my Bank user account I cannot
access to my movement details and other times I can access but when I
try to make any operation I lost the connection to my account and I have
to login again but it happens the same again.

It's something very strange because my proxy is a child of another squid
proxy and if I do anything jumping my proxy and pointing the browser
directly to the parent proxy everything goes right, I can access and
browse inside my bank account making any operation in the site without
any problem. I suppose is a https/ssl misconfigured option or something
like that in my child proxy but I don't know what could be wrong.

I use Debian Sid 2.4.20 and Squid version:

luna:~# squid -v
Squid Cache: Version 2.5.STABLE2
configure options: --prefix=/home/fruza/tmp/Curro/Squid/squid
--enable-auth=basic,ntlm --enable-basic-auth-helpers=winbind
--enable-ntlm-auth-helpers=winbind --enable-ssl --with-openssl=/usr

with the following options in the squid.conf configuration file:

http_port 8080
cache_peer proxy.jclm.es parent 8080 0 proxy-only default no-query
no-digest
ssl_unclean_shutdown on

auth_param basic program /usr/local/bin/smb_auth -W HGUV
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl acceso_internet src 10.36.192.0/22 localhost
acl domainusers proxy_auth REQUIRED
acl SSL method CONNECT

http_access allow localhost
http_access deny !acceso_internet
http_access allow acceso_internet domainusers
http_reply_access allow all
icp_access allow all
http_access deny all

visible_hostname luna

never_direct allow all

coredump_dir /var/spool/squid

Thanks in advance for any reply,

Fernando.

--
Yo uso software libre, ¿Y tu?
¿Qué es el software libre? consulta: http://www.gnu.org/philosophy/free-sw.es.html
Fernando Ruza
e-mail: feruza@terra.es
Tlf: 661123845
Yahoo! Messenger id: fruza
Linux user: #273644 (http://counter.li.org)
Debian Sid (Kernel 2.4.20 & ext3)
"In an internet without fences ... who needs 'gates'"

Received on Mon May 26 2003 - 02:14:07 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:02 MST