On Monday 30 November 2015 at 18:53:54, Bart Spedden wrote:
> I can successfully connect as long as I don't use squid for either 1 way or
> 2 way TLS connections. I've also successfully connect via curl. So, I feel
> like the site's certs are working well. I could be totally off base here
> but my interpretation of the the 503 (service unavailable) is that squid is
> timing out on tls handshake? But what is weird is that when using squid I
> can successfully connect to google using https. So, that is what makes me
> wonder if it has something to do with the non-standard https port?
If it's a timeout, you should be able to see this with a standard wireshark /
tcpdump packet capture (no SSL inspection necessary) on your external-facing
router (or anywhere else which is a common path both when going direct from
the client, and via Squid).
Comparing the two (even though you can't decode the content of the packets)
may well give a clue as to what's going on differently between the two types of
connection.
Antony.
--
Users don't know what they want until they see what they get.
Please reply to the list;
please *don't* CC me.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
