fre 2010-03-19 klockan 10:09 -0500 skrev Dean Weimer: > Thanks for the info that worked, almost, I added the following entries. > > sslproxy_options NO_SSLv2 > sslproxy_cipher > ALL:!aNULL:!eNULL:!LOW:!EXP:!ADH:!RC4+RSA:+HIGH:+MEDIUM:!SSLv2 sslproxy_* options is the wrong place. You as you discovered you need to set these SSL parameters in the https_port line. sslproxy_* parameters control what Squid requires on outgoing SSL connections it makes when forwarding an https:// URL and not using a peer... I very much doubt you need to care about these. There is two main situations when Squid forwards https:// URLs a) When requested by a client without native SSL support. I.e. old versions of lynx. b) When using a redirector to rewrite http:// URLs into https:// without usign a browser redirect. C) an ssl reverse proxy configured with direct forwarding without using cache_peer. Regards Henrik
