Re: [squid-users] HTTPS sites

Hi, nobody can give any clue regarding the problem I posted (enclosed
below) ??
Please, if anyone need further information, let me know.

Thanks in advance,

Fernando.

El lun, 26 de 05 de 2003 a las 10:13, Fernando Ruza escribió:
> Hi everybody,
>
> I'm having a strange problem browsing https sites. I can access and
> browse to https sites well however, when I access to my bank account for
> example, sometimes when I login with my Bank user account I cannot
> access to my movement details and other times I can access but when I
> try to make any operation I lost the connection to my account and I have
> to login again but it happens the same again.
>
> It's something very strange because my proxy is a child of another squid
> proxy and if I do anything jumping my proxy and pointing the browser
> directly to the parent proxy everything goes right, I can access and
> browse inside my bank account making any operation in the site without
> any problem. I suppose is a https/ssl misconfigured option or something
> like that in my child proxy but I don't know what could be wrong.
>
> I use Debian Sid 2.4.20 and Squid version:
>
> luna:~# squid -v
> Squid Cache: Version 2.5.STABLE2
> configure options: --prefix=/home/fruza/tmp/Curro/Squid/squid
> --enable-auth=basic,ntlm --enable-basic-auth-helpers=winbind
> --enable-ntlm-auth-helpers=winbind --enable-ssl --with-openssl=/usr
>
> with the following options in the squid.conf configuration file:
>
> http_port 8080
> cache_peer proxy.jclm.es parent 8080 0 proxy-only default no-query
> no-digest
> ssl_unclean_shutdown on
>
> auth_param basic program /usr/local/bin/smb_auth -W HGUV
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
>
> acl all src 0.0.0.0/0.0.0.0
> acl localhost src 127.0.0.1/255.255.255.255
> acl acceso_internet src 10.36.192.0/22 localhost
> acl domainusers proxy_auth REQUIRED
> acl SSL method CONNECT
>
> http_access allow localhost
> http_access deny !acceso_internet
> http_access allow acceso_internet domainusers
> http_reply_access allow all
> icp_access allow all
> http_access deny all
>
> visible_hostname luna
>
> never_direct allow all
>
> coredump_dir /var/spool/squid
>
>
> Thanks in advance for any reply,
>
> Fernando.
>
> --
> Yo uso software libre, ¿Y tu?
> ¿Qué es el software libre? consulta: http://www.gnu.org/philosophy/free-sw.es.html
>
> Fernando Ruza
> e-mail: feruza@terra.es
> Tlf: 661123845
> Yahoo! Messenger id: fruza
> Linux user: #273644 (http://counter.li.org)
> Debian Sid (Kernel 2.4.20 & ext3)
>
> "In an internet without fences ... who needs 'gates'"

--
Yo uso software libre, ¿Y tu?
¿Qué es el software libre? consulta: http://www.gnu.org/philosophy/free-sw.es.html
Fernando Ruza
e-mail: feruza@terra.es
Tlf: 661123845
Yahoo! Messenger id: fruza
Linux user: #273644 (http://counter.li.org)
Debian Sid (Kernel 2.4.20 & ext3)
"In an internet without fences ... who needs 'gates'"