According to the following link, JRE 1.6.0_14 still does not add "Proxy-Connection: Keep-Alive" header along a NTLM negotiation when trying to establish a secure connection (HTTPS). As a result, proxy aborts negotiation and closes the connection. http://stackoverflow.com/questions/1326849/java-6-ntlm-proxy-authentication-and-https-has-anyone-got-it-to-work I've saw two approaches to circumvent the problem: to allow access to a list of affected sites before any authentication; to allow access to 'acl Java browser Java/1.[456]' before any authentication. Could this be an alternative? acl KEEP-ALIVE req_header Proxy-Connection -i Keep-Alive http_access allow !KEEP-ALIVE // before any authentication (or http_access allow !KEEP-ALIVE CONNECT) What is the best way? I'm running Squid 2.7 STABLE7 on Windows. Thanks.
