On 25/11/2015 11:41 a.m., Bart Spedden wrote: > Hello, > > I have a java application that is successfully making REST calls to a 3rd > party vendor that requires 2 way SSL on port 8184 for some calls and 1 way > SSL on port 8185 for other calls. However, when I start proxying the calls > with squid all 1 and 2 way SSL calls fail. > What is "X way SSL" ? Squid 3.4 supports TLS, SSLv2, and SSLv3. > I added ports 8184 and 8185 to both SSL_Ports and Safe_ports via the > following: > > acl SSL_ports port 8184 > > acl SSL_ports port 8185 > > acl Safe_ports port 8184 > > acl Safe_ports port 8185 > You don't need to add any ports 1025 or higher to Safe_ports. They are already included in the range "1025-65535 # unregistered ports" The change to SSL_ports is correct for allowing CONNECT to those ports. Squid is now relaying traffic between the client and server across blind tunnels. It has ZERO interaction with them or the data sent. That said, there are a few major bugs in CONNECT handling that have been uncovered and fixed since 3.4.3 release was made. Please try an upgrade to latest Squid-3.5 and see if the problem disappears. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
