Hi Chris, Okay - I've followed those instructions and squid reloads the configuration file without any issues. Browsing on port 8080 works, but once again 443 is challenging me for my credentials even though I have turned off all authentication. The thing about squid is, it is selecting the correct proxy (or cache_peer), however, it is not sending the proxy authentication headers (login details) to the upstream proxy in the case of the HTTPS (CONNECT method) requests. I have no idea why not, and suspect a bug/glitch in squid it's self. Could this be looked at? I'm not sure how to do this. Or how I prove it it a bug. Cheers GJE On Fri May 4 0:08 , Chris Robertson <crobertson@xxxxxxx> sent: >Gareth Edmondson wrote: >> Hi Amos >> >> Thanks for that. The lines are as follows: >> >> #TAG: cache_peer_access >> cache_peer_access proxyssl allow CONNECT >> cache_peer_access proxyssl deny all >> cache_peer_access deny CONNECT >> cache_peer_access allow all >> >> As for the cache_peer lines they are as follows: >> >> #TAG: cache_peer >> cache_peer parent 8080 7 no-digest no-query >> no-net-db-exchange default login=username:password >> cache_peer proxyssl parent 443 no-digest no-query no-net-db-exchange >> default login=username:password >> >> Where username and password are our values. proxyssl is defined in the >> hosts file because I don't quite understand how to use the name= tag >> in Squid (I must read up about it). > >That would be the reason you are being prompted for password a second >time. Squid has no way of knowing that these are the same upstream proxy. > >What you want to do is... > >cache_peer parent 8080 7 no-digest no-query >no-net-db-exchange default login=username:password name=proxy >cache_peer parent 443 7 no-digest no-query >no-net-db-exchange default login=username:password name=proxyssl > >cache_peer_access proxyssl allow CONNECT >cache_peer_access proxyssl deny all >cache_peer_access proxy deny CONNECT >cache_peer_access proxy allow all > >...which informs Squid that even though both proxy definitions use the >same machine, they have different purposes, and defines what those >purposes are. > >> >> >From some tests we have run, we can tell that the Squid proxy is not >> sending the proxy authorisation headers (username and password) to the >> upstream proxy SSL proxy. I'm assuming this is due to a configuration >> error. >> >> The passwords for the two proxies (8080 and 443) are the same as they >> always have been. >> >> Can anyone gleam anything from that? >> >> Cheers >> >> Gareth > >Chris
