Re: [squid-users] Issues with ssl-bump in 3.HEAD

From: Eliezer Croitoru <eliezer_at_ngtech.co.il>
Date: Tue, 17 Jun 2014 02:22:33 +0300

It can be one of couple:
Origin server is denying the request with a 403(should be showed with a
TCP_MISS)
Squid is obeying rules that you are not aware about
Squid was not shutdown correctly before startup\restart
Others such as bugs etc..
(In the next squid release I will write about *why* computers are not
always right!!!!)

Anyway the basic thing to do is to take your settings and push it into a
text editor, then validate the acls and rules order each and one of them.
If the connection is being denied you can try to use a bad rule such as:
http_access allow all
as the first line in squid.conf and make sure it works.
If then it won't work the next step will be to debug squid.

By the way 3.4 RPMs from my repo has ssl_crtd and works fine for all my
servers and until now testers.(there was one that was not built on my
local build-node and had an issue)
And you can have one build-node to build a rpm that will fit *all* of
your servers without the need to compile it on each and everyone of your
servers.(just a side note)

Regards,
Eliezer

On 06/17/2014 01:30 AM, Mike wrote:
> So any idea why this one system is always showing the TCP denied on the
> secure sites despite having same settings as other servers at the same
> location?
>
> Thanks,
> Mike
Received on Mon Jun 16 2014 - 23:24:48 MDT

This archive was generated by hypermail 2.2.0 : Tue Jun 17 2014 - 12:00:06 MDT