fre 2010-03-19 klockan 10:09 -0500 skrev Dean Weimer:
> Thanks for the info that worked, almost, I added the following entries.
>
> sslproxy_options NO_SSLv2
> sslproxy_cipher
> ALL:!aNULL:!eNULL:!LOW:!EXP:!ADH:!RC4+RSA:+HIGH:+MEDIUM:!SSLv2
sslproxy_* options is the wrong place. You as you discovered you need to
set these SSL parameters in the https_port line.
sslproxy_* parameters control what Squid requires on outgoing SSL
connections it makes when forwarding an https:// URL and not using a
peer... I very much doubt you need to care about these. There is two
main situations when Squid forwards https:// URLs
a) When requested by a client without native SSL support. I.e. old
versions of lynx.
b) When using a redirector to rewrite http:// URLs into https://
without usign a browser redirect.
C) an ssl reverse proxy configured with direct forwarding without
using cache_peer.
Regards
Henrik
Received on Sun Apr 04 2010 - 18:47:00 MDT
This archive was generated by hypermail 2.2.0 : Mon Apr 05 2010 - 12:00:03 MDT