On 10/30/2014 02:06 PM, James Lay wrote:
Hello all,
Here is my complete config for trying out peek/splice. This currently
does not work..is there something obvious that I'm mission? Current
error is:
Oct 30 06:03:14 gateway squid: 192.168.1.110 - - [30/Oct/2014:06:03:14
-0600] "GET https://www.google.com/ HTTP/1.1" 503 3854
TAG_NONE:HIER_NONE
and on the page I get a 71 protocol error and a SSL3_WRITE_PENDING:bad
write retry.
- You should use at_step acl to configure different bumping modes on
each bumping step.
- If you used "peek" mode on SslBump1 and SslBump2 steps then on
SslBump3 step you should use "splice". If you select "bump" the most
possible is that you got SSL connection errors.
The "peek" mode on SslBump3 step is interpreted as "bump" mode.
-if you selected peek mode on SslBump1 and SslBump2 steps, in most
cases, you can select only "terminate" or "splice" for SslBump3 step.
The following configuration should work:
# Bumping steps:
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3
# Selecting bumping mode
ssl_bump peek step1 all
ssl_bump peek step2 all
ssl_bump splice step3 all
Regards,
Christos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
