On 24/02/2016 1:25 p.m., Dan Charlesworth wrote: > That’s the version I’m on actually (RPM compiled by me): > > squid-3.5.13-1.el6.x86_64 > openssl-1.0.1e-42.el6_7.2.x86_64 > > I’m not setting sslproxy_cipher in my config, so I guess that’s not it. My openssl library the problem perhaps? Perhapse. I expect that library is new enough not to have problems with anything. It could still be the same DH problem. For the DH and ECDH type ciphers you have to supply the Diffi-Helman parameters and/or Curve name or Squid will still not be able to use / negotiate them. You could try setting up the tls-dh= parameter and see if it solves the problem. Of course you might just be seeing malware attacks intentionally trying to force low-security ciphers and being rejected with that error logged. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
