Re: [squid-users] Does anyone know how to make https work?

From: Brian Lu <lyt0112@dont-contact.us>
Date: Thu, 24 Apr 2008 15:59:45 +0800

I see...Thank you very much~

Best regards
Brian Lu
----- Original Message -----
From: "Amos Jeffries" <squid3@treenet.co.nz>
To: "Brian Lu" <lyt0112@deansoft.com.tw>
Cc: "Amos Jeffries" <squid3@treenet.co.nz>; <squid-users@squid-cache.org>
Sent: Thursday, April 24, 2008 11:52 AM
Subject: Re: [squid-users] Does anyone know how to make https work?

>> Dear Amos
>> I have another question...
>> If it can't work in 3.0 or any 2.x,why can I setup https in transparent
>> mode?
>> Is it just reserve for ver 3.1?
>
> It's a side-effect of the way squid code is written. On https_port lines
> it will still enable the actions shared with the 'accel' option. But the
> transparency-specific code will still fail on encrypted traffic as you
> noticed.
>
> Amos
>
>>
>> ----- Original Message -----
>> From: "Amos Jeffries" <squid3@treenet.co.nz>
>> To: "Brian Lu" <lyt0112@deansoft.com.tw>
>> Cc: <squid-users@squid-cache.org>
>> Sent: Tuesday, April 22, 2008 2:50 PM
>> Subject: Re: [squid-users] Does anyone know how to make https work?
>>
>>
>>> Brian Lu wrote:
>>>> Hi All
>>>> I meet a problem:when I use https to access the web pages,my IE always
>>>> show me:
>>>> 1.If setuped cache_peer:
>>>> 錯誤
>>>> 欲連結之網址(URL)無法正確的傳回
>>>>
>>>> 當嘗試傳回下面的網址(URL)時:
>>>> https://www.chb.com.tw/wcm/web/home/index.html
>>>> 發生了下列的錯誤:
>>>> Unsupported Request Method and Protocol
>>>> 尚未支援的要求方式或通訊協定
>>>> Squid does not support all request methods for all access protocols.
>>>> For
>>>> example, you can not POST a Gopher request.
>>>> 因為 Squid (網路快取程式)並未支援所有的連結要求方式在各式通訊協定上。
>>>> 比如說,你不能要求@個 GOPHER 的 POST 連結要求。
>>>>
>>>> Generated Mon, 21 Apr 2008 05:22:30 GMT by proxy.seed.net.tw
>>>> (squid/2.5.STABLE11)
>>>>
>>>> 2.If no cache_peer:
>>>> ERROR
>>>> The requested URL could not be retrieved
>>>>
>>>> While trying to retrieve the URL:
>>>> https://www.chb.com.tw/wcm/web/home/index.html
>>>> The following error was encountered:
>>>> Connection to 210.65.204.245 Failed
>>>> The system returned:
>>>> (71) Protocol error
>>>> The remote host or network may be down. Please try the request again.
>>>> Your cache administrator is .
>>>>
>>>> Generated Mon, 21 Apr 2008 05:18:30 GMT by 192.168.1.254
>>>> (squid/3.0.STABLE2)
>>>>
>>>> My squid version:
>>>> [root@192 ]# squid -v
>>>> Squid Cache: Version 3.0.STABLE2
>>>> configure options: '--enable-ssl' '--enable-linux-netfilter'
>>>> '--enable-referer-log'
>>>>
>>>> My squid.conf:
>>> <snip>
>>>> http_port 3128 transparent
>>>> https_port 3129 cert=/usr/local/squid/etc/cert.pem
>>>> key=/usr/local/squid/etc/key.pem transparent
>>> <snip>
>>>
>>> HTTPS cannot be intercepted transparently in 3.0 or any 2.x
>>>
>>> You need to have 3.1 with sslBump enabled for thatt.
>>>
>>>
>>>>
>>>> Does anyone know how to make https work? thank you very much~
>>>>
>>>> Best regards,
>>>> Brian Lu
>>>
>>> (sorry if my txt is garbled, thunderbird seems not to like unicode
>>> editing)
>>>
>>> Amos
>>> --
>>> Please use Squid 2.6.STABLE19 or 3.0.STABLE4

>
Received on Thu Apr 24 2008 - 08:00:29 MDT

This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT