Hi Using latest squid 3.4.4 with ssl_bump. With ssl_bump enabled, I receive an error in cache.log (and the browser too) while opening the page 'https://www.pubservice.com/Subnew2page.aspx?PC=LJ': fwdNegotiateSSL: Error negotiating SSL connection on FD 67: error:00000000:lib(0):func(0):reason(0) (5/-1/104) I have found two workarounds: 1) Find out, which encryption the SSL-connection is using (curl -s -v -I -k "https://www.pubservice.com/Subnew2page.aspx?PC=LJ";) and search for "SSL connection using RC4-SHA". 1a) Define 'sslproxy_cipher RC4-SHA' in squid.conf and reload squid 2) Deny ssl_bump for the site mentioned above. Question: What encryption types does squid allow per default in sslproxy_cipher? Why do I need to extend the sslproxy_cipher-directive in some circumstandes? Why is this site not working with ssl_bump enabled and the default "sslproxy_cipher"? Thanks a lot. Tom
