Re: [squid-users] Does anyone know how to make https work?

From: Amos Jeffries <squid3@dont-contact.us>
Date: Tue, 22 Apr 2008 18:50:57 +1200

Brian Lu wrote:
> Hi All
> I meet a problem:when I use https to access the web pages,my IE always
> show me:
> 1.If setuped cache_peer:
> ¿ù»~
> ±ý³sµ²¤§ºô§}¡]URL¡^µLªk¥¿½Tªº¶Ç¦^
>
> ·í¹Á¸Õ¶Ç¦^¤U­±ªººô§}¡]URL¡^®É¡G
> https://www.chb.com.tw/wcm/web/home/index.html
> µo¥Í¤F¤U¦Cªº¿ù»~¡G
> Unsupported Request Method and Protocol
> ©|¥¼¤ä´©ªº­n¨D¤è¦¡©Î³q°T¨ó©w
> Squid does not support all request methods for all access protocols. For
> example, you can not POST a Gopher request.
> ¦]¬° Squid ¡]ºô¸ô§Ö¨úµ{¦¡¡^¨Ã¥¼¤ä´©©Ò¦³ªº³sµ²­n¨D¤è¦¡¦b¦U¦¡³q°T¨ó©w¤W¡C
> ¤ñ¦p»¡¡A§A¤£¯à­n¨D¤@­Ó GOPHER ªº POST ³sµ²­n¨D¡C
>
> Generated Mon, 21 Apr 2008 05:22:30 GMT by proxy.seed.net.tw
> (squid/2.5.STABLE11)
>
> 2.If no cache_peer:
> ERROR
> The requested URL could not be retrieved
>
> While trying to retrieve the URL:
> https://www.chb.com.tw/wcm/web/home/index.html
> The following error was encountered:
> Connection to 210.65.204.245 Failed
> The system returned:
> (71) Protocol error
> The remote host or network may be down. Please try the request again.
> Your cache administrator is .
>
> Generated Mon, 21 Apr 2008 05:18:30 GMT by 192.168.1.254
> (squid/3.0.STABLE2)
>
> My squid version:
> [root@192 ]# squid -v
> Squid Cache: Version 3.0.STABLE2
> configure options: '--enable-ssl' '--enable-linux-netfilter'
> '--enable-referer-log'
>
> My squid.conf:
<snip>
> http_port 3128 transparent
> https_port 3129 cert=/usr/local/squid/etc/cert.pem
> key=/usr/local/squid/etc/key.pem transparent
<snip>

HTTPS cannot be intercepted transparently in 3.0 or any 2.x

You need to have 3.1 with sslBump enabled for thatt.

>
> Does anyone know how to make https work? thank you very much~
>
> Best regards,
> Brian Lu

(sorry if my txt is garbled, thunderbird seems not to like unicode editing)

Amos

-- 
Please use Squid 2.6.STABLE19 or 3.0.STABLE4
Received on Tue Apr 22 2008 - 13:05:28 MDT

This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT