Christian Keil wrote:
Hello,
I was trying to get my Local Lan Squid Proxy to connect trough SSL to
my dedicated Server on the internet.
I have set it up as parent proxy in my squid.conf on my lan by adding :
cache_peer externalserverip parent 8080 3130 default ssl
sslcert=/etc/ssl/squid.crt sslkey=/etc/ssl/squid.key sslversion=1
I created the squid.crt & squid.key by myself.
on the external machine I have added:
https_port 8080 cert=/etc/ssl/squid.pem version=1
I have double chceked that the squid user is able to read
squid.crt/squid.key & squid.pem
My logfiles show the following:
SNIP
The Browser shows the following error :
While trying to retrieve the URL: http://www.google.de/
The following error was encountered:
Connection to parentproxyip Failed
The system returned: (71) Protocol error
SNIP
Thanks for any help.
Kind Regards
Christian Keil
I imagine you are using a self-signed certificate. If so, try
cache_peer externalserverip parent 8080 3130 default ssl
sslcert=/etc/ssl/squid.crt sslkey=/etc/ssl/squid.key
sslcafile=/etc/ssl/squid.pem version=1
or (the less secure option)
cache_peer externalserverip parent 8080 3130 default ssl
sslflags=DONT_VERIFY_PEER
See http://www.squid-cache.org/mail-archive/squid-users/200706/0136.html
Feel free to dump the "(ssl)version=1", but make sure you do so on both
the parent and child.
Chris
