Re: Struggling to get https reverse proxy to work - no object data received

On 14/05/2014 4:34 a.m., Nico Snyman wrote:
> Hi guys,
> 
> I am trying to set up an https reverse proxy to cache and proxy a data
> feed from a 3rd party.
> 
> At the moment, as a POC inside a VirtualBox VM, I am simply trying to
> reverse proxy https://localhost to fetch https://www.google.com (or
> any other https site).
> 

The Right Way(tm) to test is with a hosts file entry standing in for
public DNS.

/etc/hosts:
 127.0.0.1  google.com

 ... and making sure the proxy configuration is correct ...

/etc/squid/squid.conf:
 ...
 https_port 443 accel defaultsite=google.com cert=...
 http_port 80 accel defaultsite=google.com
 ...
 cache_peer google.com parent 443 0 originserver ssl ...
 ...
 acl our_sites dstdomain google.com
 acl port443 myportname 443
 acl port80 myportname 80
 cache_peer_access myAccel allow  port443 our_sites
 cache_peer_access myAccel1 allow port80 our_sites
 http_access allow our_sites
 http_access deny all
 ...



> Unfortunately, I consistently get the following:
> 
> kid1| TCP connection to www.google.com/443 failed
> kid1| WARNING: HTTP: Invalid response: No object data received for
> https://localhost/ AKA localhost/
> 
> In a browser this is a "Zero Sized Reply" message.
> 
> My squid.conf as follows:
> 
> acl SSL_ports port 443
> acl Safe_ports port 80          # http
> acl Safe_ports port 21          # ftp
> acl Safe_ports port 443         # https
> acl Safe_ports port 70          # gopher
> acl Safe_ports port 210         # wais
> acl Safe_ports port 1025-65535  # unregistered ports
> acl Safe_ports port 280         # http-mgmt
> acl Safe_ports port 488         # gss-http
> acl Safe_ports port 591         # filemaker
> acl Safe_ports port 777         # multiling http
> acl CONNECT method CONNECT
> https_port 443 accel cert=/etc/squid3/squid.crt
> key=/etc/squid3/squid.key defaultsite=localhost
> http_port 80 accel defaultsite=localhost
> cache_peer www.google.com parent 443 0 no-query no-digest originserver
> name=myAccel
> cache_peer www.google.com parent 80 0 no-query no-digest originserver
> name=myAccel1
> acl our_sites dstdomain localhost
> http_access allow our_sites
> cache_peer_access myAccel allow our_sites
> cache_peer_access myAccel1 allow our_sites
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost manager
> http_access deny manager
> http_access allow localhost
> http_access deny all
> access_log daemon:/squid3_logs/access.log squid
> cache_store_log daemon:/squid3_logs/store.log
> cache_log /squid3_logs/cache.log
> coredump_dir /var/spool/squid3
> refresh_pattern ^ftp:           1440    20%     10080
> refresh_pattern ^gopher:        1440    0%      1440
> refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
> refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
> refresh_pattern .               0       20%     4320
> 
> Anybody have any ideas? I for the life of me cannot figure it out, and
> haven't been able to find relevant help in the archives.
> 
> Squid version: squid3-3.3.8
> Ubuntu 13.10 inside Virtualbox 4.3.6
> 
> 
> 
> Thank you!
> 
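
The two configurations on this page differ in how the origin peers are declared and selected. The following check is an added example, not code from either poster or from the Squid project: it reads a squid.conf text and reports origin peers on port 443 declared without `ssl`, and `cache_peer_access` allow rules not tied to a `myportname` ACL. Both sample configs are constructed from the lines quoted above; the function name `lint_accel` and the reuse of the question's peer names and certificate paths in the second sample are assumptions.

```python
# Constructed samples: the accelerator lines from the question's squid.conf, and
# the same lines with the reply's changes applied (peer names and cert paths reused).
QUESTION_CONF = """\
https_port 443 accel cert=/etc/squid3/squid.crt key=/etc/squid3/squid.key defaultsite=localhost
http_port 80 accel defaultsite=localhost
cache_peer www.google.com parent 443 0 no-query no-digest originserver name=myAccel
cache_peer www.google.com parent 80 0 no-query no-digest originserver name=myAccel1
acl our_sites dstdomain localhost
cache_peer_access myAccel allow our_sites
cache_peer_access myAccel1 allow our_sites
"""
REPLY_STYLE_CONF = """\
https_port 443 accel defaultsite=google.com cert=/etc/squid3/squid.crt key=/etc/squid3/squid.key
http_port 80 accel defaultsite=google.com
cache_peer google.com parent 443 0 no-query no-digest originserver ssl name=myAccel
cache_peer google.com parent 80 0 no-query no-digest originserver name=myAccel1
acl our_sites dstdomain google.com
acl port443 myportname 443
acl port80 myportname 80
cache_peer_access myAccel allow port443 our_sites
cache_peer_access myAccel1 allow port80 our_sites
"""

def lint_accel(conf):
    """Return (peer, issue) pairs for origin peers in a squid.conf text."""
    acl_type, peers, rules, findings = {}, {}, [], []
    for line in conf.splitlines():
        d = line.split("#", 1)[0].split()      # drop comments, tokenize
        if len(d) >= 3 and d[0] == "acl":
            acl_type.setdefault(d[1], d[2])    # acl name -> acl type
        elif len(d) >= 5 and d[0] == "cache_peer" and "originserver" in d[5:]:
            name = next((o[5:] for o in d[5:] if o.startswith("name=")), d[1])
            peers[name] = (d[3], d[5:])        # peer name -> (port, options)
        elif len(d) >= 4 and d[0] == "cache_peer_access" and d[2] == "allow":
            rules.append((d[1], [a.lstrip("!") for a in d[3:]]))
    for name, (port, opts) in peers.items():
        # Only the `ssl` option spelling used on this page is recognised.
        if port == "443" and "ssl" not in opts:
            findings.append((name, "port 443 peer without ssl: Squid sends plain HTTP to it"))
    for name, acls in rules:
        tied = any(acl_type.get(a) == "myportname" for a in acls)
        if name in peers and len(peers) > 1 and not tied:
            findings.append((name, "allow rule not tied to a listening port (myportname)"))
    return findings

if __name__ == "__main__":
    for label, conf in (("question", QUESTION_CONF), ("reply-style", REPLY_STYLE_CONF)):
        print(label, lint_accel(conf) or "no findings")
```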




