On 3/10/2015 12:11 a.m., Sebastian Kirschner wrote: > Thanks Amos for the reply , > > I will trim the config with your recommendations but a few questions exists on my side. > > " If you mean it to be used to verify the *server* certificates then you need to configure sslproxy_crlfile instead." > > I guess that was what im looking for :-) , > but I couldn’t find something about that configuration directives on the squid doc configuration site and my squid ignores the options > because its unrecognized. > Sorry. I keep forgetting that one is not supported in Squid-3. You will need Squid-4 with: tls_outgoing_options crlfile=/... > "> request_body_max_size 0 KB > > Seriously? POST and PUT are forbidden to send data anywhere?" > > Should the value be ignored because it’s a zero ? > Here the part of the Squid configuration document > "If you set this parameter to a zero (the default), there will be no limit imposed." Maybe yes, maybe no. Sometimes our documentation is out of data and we are moving to a model where "none" (the word) means no limits. If you want the default, remove it from the config file. That goes for almost all directives in Squid-3. > > " build-info requires a string. Whoever provided this package needs to fix that." > I was the builder :-) , could you give me a hint about that ? It is a string for branding, or adding a custom sentence to squid -v output. Major distros use it to label their builds clearly in a way separated from the release version. Some of my clients use it to label what their custom patching was applied to the build. If you dont set it to a string like --enable-build-info="something" it is not useful and can be removed entirely. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
