Hi All, I have successfully configured reverse proxy, But have issue with RCP over https Testing my setup with the following link https://www.testexchangeconnectivity.com/ have the below error Attempting to ping RPC Endpoint 6001 (Exchange Information Store) on server hubsexchange.airarabiauae.com Failed to ping Endpoint Additional Details An RPC Error was thrown by the RPC Runtime. Error 1818 1818 What could be the problem? squid -v ========================================================== Squid Cache: Version 2.7.STABLE6 configure options: '--host=x86_64-redhat-linux-gnu' '--build=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--exec_prefix=/usr' '--bindir=/usr/sbin' '--libexecdir=/usr/lib64/squid' '--localstatedir=/var' '--datadir=/usr/share' '--sysconfdir=/etc/squid' '--enable-epoll' '--enable-snmp' '--enable-removal-policies=heap,lru' '--enable-storeio=aufs,coss,diskd,null,ufs' '--enable-ssl' '--with-openssl=/usr/kerberos' '--enable-delay-pools' '--enable-linux-netfilter' '--enable-linux-tproxy' '--with-pthreads' '--enable-ntlm-auth-helpers=SMB,fakeauth' '--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-digest-auth-helpers=password' '--enable-useragent-log' '--enable-referer-log' '--disable-dependency-tracking' '--enable-cachemgr-hostname=localhost' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-cache-digests' '--enable-ident-lookups' '--enable-follow-x-forwarded-for' '--enable-wccpv2' '--enable-x-accelerator-vary' '--enable-xmalloc-statistics' '--enable-icmp' '--enable-kill-parent-hack' '--enable-arp-acl' '--enable-default-err-language=English' '--enable-err-languages=English' '--disable-http-violations' '--enable-large-cache-files' '--with-dl' '--with-maxfd=16384' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'target_alias=x86_64-redhat-linux' 'CFLAGS=-fPIE -Os -g -pipe -fsigned-char -O2 -g -m64 -mtune=generic' 'LDFLAGS=-pie' ========================================================== squid.conf as below ========================================= acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 10.200.8.20 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl PURGE method PURGE acl localnet src 10.200.2.0/24 acl snmppublic snmp_community public acl OWA dstdomain mail.airarabia.ae http_access allow manager localhost http_access deny manager http_access allow localhost PURGE http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow OWA all http_access allow localnet http_access allow localhost http_access deny all icp_access allow localnet icp_access deny all miss_access allow OWA reply_body_max_size 52428800 allow all follow_x_forwarded_for allow localnet follow_x_forwarded_for allow localhost follow_x_forwarded_for deny all acl_uses_indirect_client on delay_pool_uses_indirect_client on log_uses_indirect_client on ssl_unclean_shutdown on sslproxy_flags DONT_VERIFY_PEER http_port 8080 http_port 10.200.8.20:80 accel defaultsite=mail.airarabia.ae vhost https_port 10.200.8.20:443 accel \ cert=/etc/squid/keys/airarabia_key.pem \ key=/etc/squid/keys/airarabia_key.pem defaultsite=mail.airarabia.ae cache_peer proxy1.emirates.net.ae parent 8080 0 no-query default cache_peer mail.airarabia.ae parent 443 0 no-query \ originserver front-end-https=on login=PASS name=owaServer \ ssl sslcert=/etc/squid/keys/airarabia_crt.pem \ sslkey=/etc/squid/keys/airarabia_key.pem sslflags=DONT_VERIFY_PEER cache_peer_access owaServer allow OWA cache_peer_access proxy1.emirates.net.ae allow !OWA hierarchy_stoplist cgi-bin ? cache_mem 600 MB maximum_object_size_in_memory 20 KB memory_replacement_policy heap GDSF cache_replacement_policy heap GDSF cache_dir aufs /cache 29000 16 256 store_dir_select_algorithm least-load max_open_disk_fds 0 minimum_object_size 0 KB maximum_object_size 1096 MB cache_swap_low 90 cache_swap_high 95 logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A % mt logformat mysql_columns %ts.%03tu %6tr %>a %Ss %03Hs %<st %rm %ru %un % Sh %<A %mt access_log /var/log/squid/access.log squid access_log daemon:/usr/lib64/squid/db.cf mysql_columns logfile_daemon /usr/lib64/squid/logmysqldb_daemon cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log logfile_rotate 30 emulate_httpd_log on log_ip_on_direct on mime_table /etc/squid/mime.conf log_mime_hdrs on useragent_log /var/log/squid/useragent.lo referer_log /var/log/squid/referer.log pid_filename /var/run/squid.pid debug_options ALL,1 log_fqdn off strip_query_terms on buffered_logs off netdb_filename /var/log/squid/netdb.state ftp_list_width 64 ftp_passive on ftp_sanitycheck on ftp_telnet_protocol on diskd_program /usr/lib64/squid/diskd-daemon unlinkd_program /usr/lib64/squid/unlinkd pinger_program /usr/lib64/squid/pinger refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 read_ahead_gap 16 KB negative_ttl 2 minutes positive_dns_ttl 9 hours negative_dns_ttl 1 minute minimum_expiry_time 30 seconds store_objects_per_bucket 15 request_header_max_size 20 KB reply_header_max_size 25 KB request_body_max_size 50 MB acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast cache_vary on acl apache rep_header Server ^Apache broken_vary_encoding allow apache collapsed_forwarding off extension_methods RPC_IN_DATA RPC_OUT_DATA shutdown_lifetime 30 seconds cache_mgr Rusol <rskender@xxxxxxxxxxxxx> mail_from Rusol <rskender@xxxxxxxxxxxxx> mail_program mail cache_effective_user squid cache_effective_group squid httpd_suppress_version_string on visible_hostname vsquid-01-shj umask 027 snmp_port 3401 snmp_access allow snmppublic localhost snmp_access deny all icon_directory /usr/share/squid/icons global_internal_static on short_icon_urls on nonhierarchical_direct on prefer_direct off never_direct allow OWA never_direct allow all max_filedescriptors 0 check_hostnames off allow_underscore on dns_timeout 2 minutes hosts_file /etc/hosts ignore_unknown_nameservers on ipcache_size 2048 ipcache_low 90 ipcache_high 95 fqdncache_size 1024 forwarded_for off cachemgr_passwd disable all client_db off uri_whitespace strip coredump_dir /var/spool/squid windows_ipaddrchangemonitor off ========================================================== //Remy ------------------------------------------------------------------------------ Disclaimer and Confidentiality This material has been checked for computer viruses and although none has been found, we cannot guarantee that it is completely free from such problems and do not accept any liability for loss or damage which may be caused. Please therefore check any attachments for viruses before using them on your own equipment. If you do find a computer virus please inform us immediately so that we may take appropriate action. This communication is intended solely for the addressee and is confidential. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. The views expressed in this message are those of the individual sender, and may not necessarily be that of ISA.
