Treker Chen wrote:
Dear all I downloaded squid-3.HEAD-20080528, compiled it with --enable-ssl --enable-icap-client. and configured squid.conf with SSL bump with the following setting http_port 3128 sslBump cert=/usr/local/squid/etc/apache.crt key=/usr/local/squid/etc/apache.pem ssl_bump allow all acl TrustedName url_regex ^https://weserve.badcerts.com/ acl BogusError ssl_error SQUID_X509_V_ERR_DOMAIN_MISMATCH sslproxy_cert_error allow TrustedName sslproxy_cert_error allow BogusError sslproxy_cert_error deny all I can access internet with squid for http without problem, but when i tried to access https site. The browser shows "Unable to forward this request at this time" and the cache.log shows 2008/05/28 14:04:49| Failed to select source for 'https://ebank.bot.com.tw/' Does anyone know how to fix this?
That error looks like your ACL are denying access somewhere. Is there a peer configured and never_direct lines anywhere?
You can trace the ACL actions in cache.log with debug_options ALL,1 28,9 Amos -- Please use Squid 2.7.STABLE1 or 3.0.STABLE6
