[squid-users] squid 3.1 - endless loop IIS webserver

From: kadvar <kadvar_at_gmail.com>
Date: Sun, 11 Mar 2012 22:53:28 -0700 (PDT)

Hi,

I have searched for other posts with the same problem but the workarounds
that worked for them did'nt work for me. I am trying to configure a squid
reverse proxy with ssl support. I have squid on 192.168.124.41 with apache
on 127.0.0.1 on the same box. I also have two other webservers (1 apache, 1
IIS). Squid is configured to direct any requests for asp pages to iis and
the rest to the apache machine.

I have also configured squid to use https, the programmer has set up a 302
redirect on the iis machine so that visiting http://example.com/Login.aspx
redirects to https://example.com/Login.aspx. Squid redirects fine but after
that gives me a "The page isn't redirecting properly". Running wget shows
that squid is going into an endless loop. I have reproduced squid.conf and
also the wget output below.

$wget --no-check http://192.168.124.41/Login.aspx
--2012-03-12 11:06:53-- http://192.168.124.41/Login.aspx
Connecting to 192.168.124.41:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: https://example.com/Login.aspx [following]
--2012-03-12 11:06:53-- https://example.com/Login.aspx
Resolving example.com... 192.168.124.41
Connecting to example.com|192.168.124.41|:443... connected.
WARNING: cannot verify example.com’s certificate, issued by
β€œ/C=IN/ST=AP/L=Default City/O=Default Company
Ltd/CN=example.com/emailAddress=admin_at_example.com”:
  Unable to locally verify the issuer’s authority.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: https://example.com/memberplanet/Login.aspx [following]
 
and so on..............

##########################
squid.conf
#########################
http_port 192.168.124.41:80 accel defaultsite=example.com

https_port 192.168.124.41:443 accel
cert=/usr/newrprgate/CertAuth/testcert.cert
key=/usr/newrprgate/CertAuth/testkey.pem defaultsite=example.com

acl rx_aspx urlpath_regex -i \.asp[x]*

cache_peer 192.168.124.169 parent 80 0 no-query no-digest originserver
name=aspserver
cache_peer_access aspserver allow rx_aspx
cache_peer_access aspserver deny all

cache_peer 127.0.0.1 parent 80 0 no-query originserver name=wb1
cache_peer_access wb1 deny rx_aspx

acl origin_servers dstdomain .example.com
http_access allow origin_servers
http_access deny all
###########################

I'd appreciate it if someone could give me some clues as to what I'm doing
wrong.

Thanks,
Adi

--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/squid-3-1-endless-loop-IIS-webserver-tp4465329p4465329.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Mon Mar 12 2012 - 05:53:30 MDT

This archive was generated by hypermail 2.2.0 : Mon Mar 12 2012 - 12:00:04 MDT