RE: [squid-users] Reverse Proxy Sticky Sessions

From: Peters, Noah <NPeters@dont-contact.us>
Date: Thu, 1 Feb 2007 17:05:47 -0500

All:

I discovered that the problem with the https goes away when I split the config and run two separate instances of squid, one for https and one for http. This is an acceptable configuration for me.

Thank you for your help.

-Noah Peters

> -----Original Message-----
> From: Peters, Noah [mailto:NPeters@timesunion.com]
> Sent: Thursday, February 01, 2007 1:07 PM
> To: Henrik Nordstrom
> Cc: Adrian Chadd; squid-users@squid-cache.org
> Subject: RE: [squid-users] Reverse Proxy Sticky Sessions
>
> Henrik:
>
> That fixed the http responses, but the cache_peers with "ssl" do not work
> with "sourcehash". I get the following in the cache.log and the squid
> process terminates:
>
> 2007/02/01 11:24:59| clientNegotiateSSL: Error negotiating SSL connection
> on FD 362: error:140943E8:SSL routines:SSL3_READ_BYTES:reason(1000) (1/0)
> 2007/02/01 11:34:20| clientNegotiateSSL: Error negotiating SSL connection
> on FD 320: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown
> ca (1/0)
>
> Here is the associated part of the config:
>
> http_port 167.x.y.20:80 vhost protocol=http
> https_port 167.x.y.20:443 protocol=https
> cert=/usr/local/squid/etc/cert.pem key=/usr/local/squid/etc/squid.key
> defaultsite=www.xy.com
> cache_peer 167.x.y.86 parent 443 0 ssl sourcehash no-query originserver
> name=ssl-tuweb2a sslflags=DONT_VERIFY_PEER login=PASS
> cache_peer 167.x.y.85 parent 443 0 ssl sourcehash no-query originserver
> name=ssl-tuweb1a sslflags=DONT_VERIFY_PEER login=PASS
> cache_peer 167.x.y.200 parent 443 0 ssl sourcehash no-query originserver
> name=ssl-tuweb3a sslflags=DONT_VERIFY_PEER login=PASS
> cache_peer 167.x.y.200 parent 80 0 sourcehash no-query originserver
> name=tuweb3a login=PASS
> cache_peer 167.x.y.85 parent 80 0 sourcehash no-query originserver
> name=tuweb1a login=PASS
> cache_peer 167.x.y.86 parent 80 0 sourcehash no-query originserver
> name=tuweb2a login=PASS
>
> Thanks,
>
> Noah Peters
>
> > -----Original Message-----
> > From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
> > Sent: Wednesday, January 31, 2007 6:02 PM
> > To: Peters, Noah
> > Cc: Adrian Chadd; squid-users@squid-cache.org
> > Subject: RE: [squid-users] Reverse Proxy Sticky Sessions
> >
> > mån 2007-01-29 klockan 09:55 -0500 skrev Peters, Noah:
> >
> > > I am using Version 2.6.STABLE6.
> >
> > See the srchash load balancing option.
> >
> > Regards
> > Henrik
Received on Thu Feb 01 2007 - 15:06:03 MST

This archive was generated by hypermail pre-2.1.9 : Thu Mar 01 2007 - 12:00:01 MST