On 15.11.2012 04:49, Jeroen Ruijter wrote:
How can I allow the lines beneath, so the patterns .ico .crl will
work without certification errors.
1352906047.969 0 172.16.4.254 TCP_DENIED/407 3937 GET
http://mscrl.microsoft.com/pki/mscorp/crl/mswww(6).crl - NONE/-
text/html
1352906047.981 0 172.16.4.254 TCP_DENIED/407 3975 GET
http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl -
NONE/- text/html
1352906047.992 0 172.16.4.254 TCP_DENIED/407 3998 GET
http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl
- NONE/- text/html
1352906048.006 0 172.16.4.254 TCP_DENIED/407 3947 GET
http://crl.microsoft.com/pki/crl/products/CodeSigPCA.crl - NONE/-
text/html
What makes you think there is anything wrong with these?
407 is a request that the client agent preform login before they can
continue to use the proxy. Did you trim away the followup request where
the client sent login details or is there none? the latter being a
client user-agent problem, not Squid.
This should help you understand what you have to change:
http://wiki.squid-cache.org/Features/Authentication#How_do_I_use_authentication_in_access_controls.3F
When you have read that you will understand why we cannot help you
change your config file without seeing what the config contains or even
whether the change will do anything.
Amos
