Search squid archive

Re: Re: Configuring Squid to Proxy HTTPS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Amos,

Thank you for the help.  I was able to get squid configured and
running but I am getting an "access denied" error from squid when
trying to connect.  In the squid access logs I see something like
"TCP_DENIED/403 1539 CONNECT www.mydestination.com:443"

I didn't change any of the minimum acl or http_access lines in the
basic squid configuration.  Can you point me in the correct direction
on this problem?   Again, thanks for your help.

Jake Jacobson

http://www.google.com/profiles/jakecjacobson

Our greatest fear should not be of failure,
but of succeeding at something that doesn't really matter.
   -- ANONYMOUS



On Wed, Feb 2, 2011 at 10:04 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
> On Wed, 2 Feb 2011 11:15:31 -0500, "Martin \(Jake\) Jacobson" wrote:
>> Hi,
>>
>> I need to configure a proxy box that will proxy a site that requires a
>> PKI cert.  The site requires a chained cert and fails if the cert
>> presented is unchained.  We have a bot that is only presenting its
>> cert and not the complete chain so it fails the connection.
>
> Sounds like you need to figure out why a non-chained cert was loaded into
> the bot in the first place.
>
>>
>> I am wondering if we could have squid make the request for the
>> resource and instead of using the bot's cert, the squid client would
>> use the chained cert that I have loaded with squid?
>>
>> Jake Jacobson
>
> To use Squid certs you will need the bot to communicate over unsecured
> HTTP with Squid.
> Then you just configure a cache_peer line in Squid presenting the relevant
> cert to the website.
>
> Amos
>



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux