Well using the sslflags=DONT_VERIFY_PEER on the cache peer got us to a password prompt but still can't log in. Debug shows the following: 2007/06/01 08:51:43| fwdNegotiateSSL: Error negotiating SSL connection on FD 15: error:00000000:lib(0):func(0):reason(0) (5/0/0) 2007/06/01 08:51:43| TCP connection to 10.10.5.202/443 failed We tried the below cache effective user command with no success, even when we made openssl daemon user and did a chown on the logs and cache folder for it. Not sure what the s_client is for. We're so close, just need this last bit. -----Original Message----- From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, May 31, 2007 5:38 PM To: Jason Hitt Cc: squid-users@xxxxxxxxxxxxxxx Subject: RE: Cert issue on reserve proxy tor 2007-05-31 klockan 14:59 -0500 skrev Jason Hitt: > From the squid box I can ping the web server by name and IP. Nmap to > both locations from my desktop shows 443 open and https is set to 443 > on the web box. Maybe I need a pass rule? As your cache_effective_user on the squid server try openssl s_client -connect webserver:443 Regards Henrik
