On 5/02/2013 5:28 p.m., PARAM KRISH wrote:
Amos, Thanks for helping.
I have moved the squid out of server1 to keep them in same ports as
you recommended. Now here is my setup...
server1 : just squid listening in 80 and 443 (IP: 10.56.8.201)
server2 : apache1 in 8080 & 443 (IP: 10.56.8.38)
server3 : apache2 in 8080 & 443 (IP: 10.56.8.39 )
When i try http://10.56.8.201 , it gets converted to https but hits
the "400 Bad Request - You're speaking plain HTTP to an SSL-enabled
server port"
Try 'ssl' option on your Apache cache_peer lines now.
Removed round-robin from squid.conf as you recommended but that did
not make a difference either.
Interestingly, When i try it through "curl -vvvv" it tells some access
denied, not sure what/where access could be denied.
I am not running "iptables" in any of these 3 servers. I can do a
telnet to 8080 & 443 from squid to apache servers as well.
< HTTP/1.1 302 Moved Temporarily
< Server: squid/3.2.3
< Mime-Version: 1.0
< Date: Tue, 05 Feb 2013 04:25:48 GMT
< Content-Type: text/html
< Content-Length: 0
< Location: https://10.56.8.201/
*< X-Squid-Error: 403 Access Denied*
< X-Cache: MISS from engwikilb1.eng.COMPANY.com
<http://engwikilb1.eng.COMPANY.com>
< Via: 1.1 engwikilb1.eng.COMPANY.com
<http://engwikilb1.eng.COMPANY.com> (squid/3.2.3)
< Connection: keep-alive
Small artifact of using deny_info to redirect. You can ignore these.
<
* Connection #0 to host 10.56.8.201 left intact
* Closing connection #0
To make it simple for the discussion, we can talk only for the domain:
eng.COMPANY.com <http://eng.COMPANY.com>.
If it works i can proceed for the other domain "company.com
<http://company.com>".
Am i missing something ? Please find attached the squid.conf and the
access, cache.logs for you to look at.
I have masked the domain as "newwikid.company.com
<http://newwikid.company.com>" everywhere.
I think what i am hitting must be very trivial for experts like you to
crack in a min.
Thanks much for the help.
-PK
Amos