Gavin, Can you attach the squid access log, openssl test prompts? Oh, and maybe error.log Thanks, -- Banyan He Network & Security Information System banyan@xxxxxxxxxxx On 5/1/09 12:11 AM, "Gavin McCullagh" <gavin.mccullagh@xxxxxx> wrote: > Hi, > > one of our Mac people has been complaining that he can't get into certain > SSL sites. I borrowed a MAC and found that these does indeed seem to be a > problem, though apparently not on all SSL sites (a login on www.bebo.com) > is an example that does give the problem. I'm not sure of this but it > looks like it might be where there's a POST request over SSL. > > I noticed this: > > http://www2.tr.squid-cache.org/mail-archive/squid-users/200709/0109.html > > so I tried turning off authentication and it worked. > > I'm using squid-2.6-stable18 which I'm well aware is old. Is this a bug in > squid or safari or is this known for sure? Does anyone know if an upgrade > to squid would sort it out? > > If not, I may have to put in an ACL either to allow: > > - all macs to be unauthenticated > - all SSL to be unauthenticated > - all requests with safari browser strings using SSL to be unauthenticated > > or something like that. Has anyone had to do this? Is there a known "best > way"? > > Thanks in advance, > Gavin > >