On 4/12/2015 12:34 a.m., Massimo.Sala wrote: > We have a server with squid 3.4.8 as forward proxy ( clients have the > proxy configured in the browsers ). > > > Sometimes we have Zero-Sized Replies from Windows Servers as discussed > here : > > https://squidproxy.wordpress.com/category/squid-3/ > > The proxy server is in the internal LAN. We want to adopt this work-around > : > > disable BEAST mitigation by ssloptions=ALL in squid.conf > (insecure) > > > Does it work in forwarding mode ? > > http_port 3128 ssloptions=ALL > No. SSL options are not relevant to plain-text HTTP traffic. >From the hints you have given about your configuration so far I believe the HTTPS traffic is being tunnelled blindly through your proxy. All TLS/SSL details are being negotiated between the client UA and the server they are tunneled to. Under such conditions there is *nothing* you can do to influence or affect TLS/SSL behaviour short of blocking it outright on a per-server basis. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
