Re: [squid-users] Configuring cache_peer to use ssl

From: Jancs <jancs_at_dv.lv>
Date: Thu, 15 May 2008 19:16:53 +0300

Quoting Henrik Nordstrom <henrik_at_henriknordstrom.net>:

> On tor, 2008-05-15 at 11:27 +0300, Jancs wrote:
>
>> 2008/05/15 11:20:04| clientNegotiateSSL: Error negotiating SSL
>> connection on FD 17: error:1407609B:SSL
>> routines:SSL23_GET_CLIENT_HELLO:https proxy request (1/-1)
>
> This means a proxy client contacted a https_port when it should have
> talked to a http_port.

didn't got:

i am on my machine trying to contact https://sourceforge.net/my/, my
browser contacts "slave" cache, which in it's order connects to parent
cache using ssl and parent is supposed to connect to the site I want.
In no place use of http_port is intended

actually, broken session in log shows so:

-----BEGIN SSL SESSION PARAMETERS-----
...
-----END SSL SESSION PARAMETERS-----
follwed with 10 of

2008/05/15 18:58:40| clientNegotiateSSL: Error negotiating SSL
connection on FD 16: error:1407609B:SSL
routines:SSL23_GET_CLIENT_HELLO:https proxy
  request (1/-1)

normally (not connection to explicit https sites), only
-----BEGIN SSL SESSION PARAMETERS-----
...
-----END SSL SESSION PARAMETERS-----
are observed and i hope, the communications between proxies are going
on over secure channel

Janis

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Received on Thu May 15 2008 - 16:17:05 MDT

This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:13 MDT