Re: Squid to Cache Peer SSL

On 6/02/2013 1:58 p.m., Brooks Lyrette wrote:
Hey All,

I've been racking my brain trying to figure out how to get this
configured. I'm looking to get the following working:

Client <-- Over SSL --> Squid <-- Over SSL --> Accel Server

I'm using Squid Cache (Version 3.1.10)

I have the connection from the client to the server over SSL working
with the following configuration:

----
https_port 443 accel cert=site.crt key=site.key defaultsite=dev.foo.com accel vhost
ignore_expect_100 on

cache_peer <server_ip> parent 80 0 no-query originserver name=foo

acl sites_server_3 dstdomain dev.foo.com
cache_peer_access foo allow sites_server_3
http_access allow sites_server_3

http_access deny all
----

From the documentation and examples I tried changing this configuration
to make the Squid to Accel Server happen over SSL.

---
https_port 443 accel cert=site.crt key=site.key defaultsite=dev.foo.com accel vhost
ignore_expect_100 on

cache_peer <server_ip> parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=foo

acl sites_server_3 dstdomain dev.foo.com
cache_peer_access foo allow sites_server_3
http_access allow sites_server_3

http_access deny all
---

When using this configuration Squid hangs on the connection. It also
takes 100% CPU. It never replies to the HTTP request, nor does it add
any entries to cache.log or access.log.

Am I missing something obvious?

The above config seems correct for https://dev.foo.com/, apart from the "vhost" setting, which is not supported well on https_port with a single static certificate.

* It is possible you are having firewall or PMTU, ECN, Windows scaling issues - all the normal causes of hanging connections.

* It is possible your client software is using the Expect: 100-continue feature, which you have configured to be ignored. The side effect of ignoring it is that when Expect: is not available (it is not available in squid-3.1) the client will hang until it times out and retries using suitable HTTP/1.0 features.

Please try upgrading your Squid; the current supported version is 3.2.7.


Amos
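
Added example, not part of the original thread and not Squid project code: a small audit of a squid.conf for the settings discussed above (vhost on https_port, ignore_expect_100 on, and a cache_peer that is either plain HTTP or uses sslflags=DONT_VERIFY_PEER, which makes Squid accept the peer certificate even if it fails verification). The function name, finding codes and the peer address 192.0.2.10 are assumptions made for the example.

```python
import re

# Constructed sample: the second configuration from the thread, with the
# e-mail line wraps joined and <server_ip> replaced by a placeholder address.
SAMPLE_CONF = """\
https_port 443 accel cert=site.crt key=site.key defaultsite=dev.foo.com accel vhost
ignore_expect_100 on
cache_peer 192.0.2.10 parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=foo
acl sites_server_3 dstdomain dev.foo.com
cache_peer_access foo allow sites_server_3
http_access allow sites_server_3
http_access deny all
"""

MESSAGES = {
    "peer-plaintext": "cache_peer has no ssl option: Squid-to-peer traffic is unencrypted",
    "peer-cert-unverified": "sslflags=DONT_VERIFY_PEER: peer certificate accepted even if invalid",
    "vhost-on-https_port": "vhost on https_port works poorly with a single static certificate",
    "expect-100-ignored": "ignore_expect_100 on: Expect: 100-continue clients may hang until timeout",
}

def audit_squid_conf(text):
    """Return a list of (line_number, finding_code) for the given squid.conf text."""
    findings = []
    for num, raw in enumerate(text.splitlines(), 1):
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue  # blank line or comment
        directive, args = words[0], words[1:]
        if directive == "cache_peer":
            opts = args[4:]  # options follow: host, type, http-port, icp-port
            flags = [f for o in opts if o.startswith("sslflags=")
                     for f in re.split(r"[:,]", o.split("=", 1)[1])]
            if "ssl" not in opts:
                findings.append((num, "peer-plaintext"))
            elif "DONT_VERIFY_PEER" in flags:
                findings.append((num, "peer-cert-unverified"))
        elif directive == "https_port" and "vhost" in args:
            findings.append((num, "vhost-on-https_port"))
        elif directive == "ignore_expect_100" and args[:1] == ["on"]:
            findings.append((num, "expect-100-ignored"))
    return findings

if __name__ == "__main__":
    for num, code in audit_squid_conf(SAMPLE_CONF):
        print(f"line {num}: {MESSAGES[code]}")
```

To clear the cache_peer finding, replace sslflags=DONT_VERIFY_PEER with sslcafile= pointing at the CA that signed the peer's certificate; because the peer is addressed by IP here, ssldomain= names the host the certificate is checked against.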

