Hi There I've just setup a Squid proxy hosted on EC2 between my users and a Google AppEngine application. (Google AppEngine currently doesn't support custom domain SSL, so this is the only way to do it.) (I was following the instructions here: http://blog.earlystageit.com/2010/07/10/gae-proxy/) The proxy seems to be working, except every now and then (about every 5 - 6 page views) I receive an error in the browser: ERROR The requested URL could not be retrieved While trying to retrieve the URL: https://xxxxx.appspot.com/handlerName The following error was encountered: Connection to 74.125.53.141 Failed The system returned: (71) Protocol error The remote host or network may be down. Please try the request again. I also see this error in the cache.log: fwdNegotiateSSL: Error negotiating SSL connection on FD 16: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol (1/-1/0) My squid config looks like thsi: cache_effective_user squid cache_effective_group squid retry_on_error on acl all src 0.0.0.0/0.0.0.0 acl Safe_ports port 443 acl gae dstdomain xxxxx.appspot.com visible_hostname secure.xxxxx.com https_port 443 cert=/path/to.crt key=/path/to.pem defaultsite=xxxxx.appspot.com cache_peer xxxxx.appspot.com parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=appspot cache_peer_access appspot allow gae always_direct allow gae http_access allow gae Safe_ports http_access deny all debug_options ALL,1 My question is: a) What does the error mean? Is there a problem reaching the Google servers? Is there a problem with their certificate? Why does the problem happen some times but not others? b) Have I set this up correctly? c) Is there a better way to do it? (I've tried adding a connect_timeout, but that didn't seem to help...) Thanks so much for your help! Cheers Mike -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Trouble-between-Squid-and-SSL-proxied-host-tp2539814p2539814.html Sent from the Squid - Users mailing list archive at Nabble.com.
