[squid-users] "Access denied" pages for HTTPS requests from Vonlanthen, Elmar on 2010-11-15 (squid-users)

From: Vonlanthen, Elmar <Elmar.Vonlanthen_at_united-security-providers.ch>
Date: Mon, 15 Nov 2010 16:23:34 +0100

Hello all

I have the following setup:

- Windows client with Internet Explorer and configured squid proxy for
HTTP *and* HTTPS.
- Squid 3.1.8 as proxy
- Squid access rule:
acl facebook url_regex facebook.com
http_access deny facebook

If the client is trying to connect to https://www.facebook.com, the IE
cannot display the squid "access denied" page (IE displays the default
message "Cannot display the website"). It makes sense, because squid
cannot send the error page back via HTTP, if the client is sending a
CONNECT request.

But is there any possiblility to do this anyway?

I did some tests with ssl_bump, deny_info, url_rewrite but wasn't
successful. I wonder if I am the only person with this problem.

Any ideas?

Thanks for any help.

Best regards
Elmar

application/x-pkcs7-signature attachment: smime.p7s

Received on Mon Nov 15 2010 - 15:23:53 MST

This archive was generated by hypermail 2.2.0 : Mon Nov 15 2010 - 12:00:02 MST