Search squid archive

SSLBump SSL error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Amos/All,

I am running a 3.2 snapshot in production (with a 2.7 as a fallback) with ssl-bump and dynamic cert generation. For some SSL sites, we are getting the following in cache.log:

2012/02/05 10:23:03 kid1| fwdNegotiateSSL: Error negotiating SSL connection on FD 33: error:00000000:lib(0):func(0):reason(0) (5/0/0)

and a

The system returned: (71) Protocol error

from squid in the browser.

One example I know can reproduce this every time is:

https://applyonline.abbeynational.co.uk/olaWeb/OLALogonServlet?action=prepare&application=OnlineBankingRegistrationServlet&js=on

which is the "Register" link from Santander's online banking logon page (noone can logon to their Santander banking either, and we see the same in the logs).

we have also had to exclude the following domains from bumping for the same reason:

.threadneedle.co.uk
.santander.co.uk
.bankline.rbs.com
.socgen.com
.mandg.co.uk

Other SSL sites bump fine so I'm not sure what is happening here.

Cheers

Alex





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux