I have Squid 3.3.4 running on Ubuntu 12.04. For some clients, it looks like they cannot establish an SSL connection so I assume that HTTPS CONNECT is failing. These are embedded linux devices (I think) and I cannot get any logs from them so I am finding it difficult to debug. I have tried many different options on the https_port line. My https_port line is currently: https_port 443 accel cert=/root/ssl/cert.pem cipher=RC4-MD5:RC4-SHA:AES128-SHA:DES-CBC3-SHA:AES256-SHA defaultsite=mysite.mydomain.com The only relevant information that I can get from the logs is: 2014/04/25 14:57:07.598| TcpAcceptor.cc(197) doAccept: New connection on FD 31 2014/04/25 14:57:07.598| TcpAcceptor.cc(272) acceptNext: connection on local=[::]:443 remote=[::] FD 31 flags=9 2014/04/25 14:57:07.598| Eui48.cc(262) lookup: Looking up ARP address for 10.189.246.4 on eth0 2014/04/25 14:57:07.598| Eui48.cc(262) lookup: Looking up ARP address for 10.189.246.4 on eth1 2014/04/25 14:57:07.598| Eui48.cc(537) lookup: 10.189.246.4 NOT found -----BEGIN SSL SESSION PARAMETERS----- MIGLAgEBAgIDAwQCAC8EILteDsmKzo2zRpPdTooen622XmoPOJ+EuE58nSIpKQ3E BDBmI+cJ09OOG1hxtpjXqfv9ZjCUHAH0uaI7JJnB5DQb44Lu69fk/GpbT8mNj8fq yuShBgIEU1p3w6IEAgIBLKQCBACmGAQWYnN0ZXN0LnNpZ25hZ2VsaXZlLmNvbQ== -----END SSL SESSION PARAMETERS----- 2014/04/25 14:57:08.294| client_side.cc(3528) clientNegotiateSSL: clientNegotiateSSL: New session 0x7fb05d661640 on FD 10 (10.189.246.4:11885) 2014/04/25 14:57:08.294| client_side.cc(3532) clientNegotiateSSL: clientNegotiateSSL: FD 10 negotiated cipher AES128-SHA 2014/04/25 14:57:08.294| client_side.cc(3548) clientNegotiateSSL: clientNegotiateSSL: FD 10 has no certificate. 2014/04/25 14:57:09.607| client_side.cc(784) swanSong: local=10.179.64.91:443 remote=10.189.246.4:11885 flags=1 2014/04/25 14:57:40.823| TcpAcceptor.cc(197) doAccept: New connection on FD 31 2014/04/25 14:57:40.823| TcpAcceptor.cc(272) acceptNext: connection on local=[::]:443 remote=[::] FD 31 flags=9 2014/04/25 14:57:40.823| Eui48.cc(262) lookup: Looking up ARP address for 10.189.246.4 on eth0 2014/04/25 14:57:40.823| Eui48.cc(262) lookup: Looking up ARP address for 10.189.246.4 on eth1 2014/04/25 14:57:40.823| Eui48.cc(537) lookup: 10.189.246.4 NOT found -----BEGIN SSL SESSION PARAMETERS----- MIGLAgEBAgIDAwQCAC8EIPxjUMDi/iO1LHDWTiThHx7h03nX0UK+fFMeDVfVYeLz BDBloBIgFujdopEW5miRzGqJQ4cwfQrh6gAoZcL5Bt1jOvv3+9VV0uwh+Gext4wQ FJ+hBgIEU1p35KIEAgIBLKQCBACmGAQWYnN0ZXN0LnNpZ25hZ2VsaXZlLmNvbQ== -----END SSL SESSION PARAMETERS----- 2014/04/25 14:57:41.086| client_side.cc(3528) clientNegotiateSSL: clientNegotiateSSL: New session 0x7fb05d661cc0 on FD 10 (10.189.246.4:37412) 2014/04/25 14:57:41.087| client_side.cc(3532) clientNegotiateSSL: clientNegotiateSSL: FD 10 negotiated cipher AES128-SHA 2014/04/25 14:57:41.087| client_side.cc(3548) clientNegotiateSSL: clientNegotiateSSL: FD 10 has no certificate. 2014/04/25 14:57:42.448| client_side.cc(784) swanSong: local=10.179.64.91:443 remote=10.189.246.4:37412 flags=1 2014/04/25 14:58:13.909| TcpAcceptor.cc(197) doAccept: New connection on FD 31 2014/04/25 14:58:13.909| TcpAcceptor.cc(272) acceptNext: connection on local=[::]:443 remote=[::] FD 31 flags=9 2014/04/25 14:58:13.909| Eui48.cc(262) lookup: Looking up ARP address for 10.189.246.4 on eth0 2014/04/25 14:58:13.909| Eui48.cc(262) lookup: Looking up ARP address for 10.189.246.4 on eth1 2014/04/25 14:58:13.909| Eui48.cc(537) lookup: 10.189.246.4 NOT found Web browsers work with no issues, as do other non-pc devices. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/HTTPS-CONNECT-Failing-Squid-3-3-4-tp4665691.html Sent from the Squid - Users mailing list archive at Nabble.com.
