fre 2011-01-21 klockan 11:31 +0100 skrev Ralf Hildebrandt: > > >1294685115.286 0 10.43.120.109 NONE/501 4145 POST https://enis.eurotransplant.nl/donor-webservice/dpa?WDSL - HIER_NONE/- text/html > > So, I enabled SSL using --enable-ssl and now I'm getting: > > 1295605546.943 313 141.42.231.227 TCP_MISS/503 4251 GET https://enis.eurotransplant.nl/donor-webservice/dpa?WDSL - HIER_DIRECT/194.151.178.174 text/html > and the error output consists of the ERR_SECURE_CONNECT_FAIL error message In both cases Squid received an https:// request unencrypted over plain HTTP. In the first case, as your Squid did not have SSL support if could not forward the request at all, as it can not wrap the unencrypted request in SSL/TLS for forwardning to the requested server. In the section case Squid and the server did not agree on the SSL protocol. If using this http->https gatewaying capability then you should configure Squid to not use SSLv2. SSLv2 is considered broken beyond repair these days. See sslproxy_options for how to tune this in Squid. Regards Henrik
