
Re: SSL Attacks against Squid in reverse proxy mode


 



Hi.

About this thread:
http://www.squid-cache.org/mail-archive/squid-users/201210/0166.html

Just to let you know that the OpenSSL flag which controls TLS
compression is "SSL_OP_NO_COMPRESSION".
This flag seems to exist only since OpenSSL 0.9.9.

Here is a quick and dirty patch to disable the compression in Squid 3.1:
$ diff -u ../squeeze/squid3-3.1.6/src/ssl_support.cc
src/ssl_support.cc ---
../squeeze/squid3-3.1.6/src/ssl_support.cc	2010-08-01
14:01:37.000000000 +0000
+++ src/ssl_support.cc	2012-12-03 11:35:15.000000000 +0000
@@ -376,6 +376,11 @@
         "NO_TLSv1", SSL_OP_NO_TLSv1
     },
 #endif
+#ifdef SSL_OP_NO_COMPRESSION
+    {
+        "NO_Compression", SSL_OP_NO_COMPRESSION
+    },
+#endif
     {
         "", 0
     },
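
Review bot: the "#ifdef SSL_OP_NO_COMPRESSION" guard around the new entry means a build against an OpenSSL without that macro has no "NO_Compression" entry in this table at all, and nothing in the hunk shows what happens to a configuration that still names it. Confirm that the option parser rejects or loudly warns on an unknown name, so such a build cannot run with TLS compression enabled while the configuration suggests otherwise. The option also needs an entry in the https_port documentation, and naming it "NO_COMPRESSION" after the macro would be easier to find than the mixed-case form.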

Next you will have to add "NO_Compression" to your Squid's
configuration file (with ssloption= or options= in the https_port
context).
Obviously you have to build Squid with an OpenSSL version which
supports this parameter (working fine for me with OpenSSL 1.0.1c).

Regards.

