Re: [squid-users] Re: SSLBump, help to configure for 3.1.0.16

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Thu, 18 Feb 2010 09:38:42 +0100

ons 2010-02-17 klockan 22:40 -0700 skrev Alex Rousskov:
> On 02/16/2010 12:54 PM, Andres Salazar wrote:
> > Hello,
> >
> > Iam still having issues with SSLBump .. apparently iam now getting
> > this error when I visit an https site with my browser explicity
> > configured to use the https_port .
> >
> > 2010/02/16 14:31:14| clientNegotiateSSL: Error negotiating SSL
> > connection on FD 8: error:1407609B:SSL
> > routines:SSL23_GET_CLIENT_HELLO:https proxy request (1/-1)

This error is seen if a browser is configured to use a Squid https_port
as HTTP proxy port for secure (SSL/TLS) connections. To be exact it's
from the OpenSSL library where the library barfs at receiving an HTTP
CONNECT request where an SSL/TLS handshake was expected.

For explicit proxy configuration the browser must be configured to use a
Squid http_port.

Regards
Henrik
Received on Thu Feb 18 2010 - 08:37:38 MST

This archive was generated by hypermail 2.2.0 : Tue Feb 23 2010 - 12:00:06 MST