> Dear Amos > I have another question... > If it can't work in 3.0 or any 2.x,why can I setup https in transparent > mode? > Is it just reserve for ver 3.1? It's a side-effect of the way squid code is written. On https_port lines it will still enable the actions shared with the 'accel' option. But the transparency-specific code will still fail on encrypted traffic as you noticed. Amos > > ----- Original Message ----- > From: "Amos Jeffries" <squid3@xxxxxxxxxxxxx> > To: "Brian Lu" <lyt0112@xxxxxxxxxxxxxxx> > Cc: <squid-users@xxxxxxxxxxxxxxx> > Sent: Tuesday, April 22, 2008 2:50 PM > Subject: Re: Does anyone know how to make https work? > > >> Brian Lu wrote: >>> Hi All >>> I meet a problem:when I use https to access the web pages,my IE always >>> show me: >>> 1.If setuped cache_peer: >>> ¿ù»~ >>> ±ý³sµ²¤§ºô§}¡]URL¡^µLªk¥¿½Tªº¶Ç¦^ >>> >>> ·í¹Á¸Õ¶Ç¦^¤U±ªººô§}¡]URL¡^®É¡G >>> https://www.chb.com.tw/wcm/web/home/index.html >>> µo¥Í¤F¤U¦Cªº¿ù»~¡G >>> Unsupported Request Method and Protocol >>> ©|¥¼¤ä´©ªºn¨D¤è¦¡©Î³q°T¨ó©w >>> Squid does not support all request methods for all access protocols. >>> For >>> example, you can not POST a Gopher request. >>> ¦]¬° Squid ¡]ºô¸ô§Ö¨úµ{¦¡¡^¨Ã¥¼¤ä´©©Ò¦³ªº³sµ²n¨D¤è¦¡¦b¦U¦¡³q°T¨ó©w¤W¡C >>> ¤ñ¦p»¡¡A§A¤£¯àn¨D¤@Ó GOPHER ªº POST ³sµ²n¨D¡C >>> >>> Generated Mon, 21 Apr 2008 05:22:30 GMT by proxy.seed.net.tw >>> (squid/2.5.STABLE11) >>> >>> 2.If no cache_peer: >>> ERROR >>> The requested URL could not be retrieved >>> >>> While trying to retrieve the URL: >>> https://www.chb.com.tw/wcm/web/home/index.html >>> The following error was encountered: >>> Connection to 210.65.204.245 Failed >>> The system returned: >>> (71) Protocol error >>> The remote host or network may be down. Please try the request again. >>> Your cache administrator is . >>> >>> Generated Mon, 21 Apr 2008 05:18:30 GMT by 192.168.1.254 >>> (squid/3.0.STABLE2) >>> >>> My squid version: >>> [root@192 ]# squid -v >>> Squid Cache: Version 3.0.STABLE2 >>> configure options: '--enable-ssl' '--enable-linux-netfilter' >>> '--enable-referer-log' >>> >>> My squid.conf: >> <snip> >>> http_port 3128 transparent >>> https_port 3129 cert=/usr/local/squid/etc/cert.pem >>> key=/usr/local/squid/etc/key.pem transparent >> <snip> >> >> HTTPS cannot be intercepted transparently in 3.0 or any 2.x >> >> You need to have 3.1 with sslBump enabled for thatt. >> >> >>> >>> Does anyone know how to make https work? thank you very much~ >>> >>> Best regards, >>> Brian Lu >> >> (sorry if my txt is garbled, thunderbird seems not to like unicode >> editing) >> >> Amos >> -- >> Please use Squid 2.6.STABLE19 or 3.0.STABLE4 >> >> __________ NOD32 3044 (20080421) Information __________ >> >> This message was checked by NOD32 antivirus system. >> http://www.nod32.com.hk >> >> > >
