On 04/19/2016 07:16 AM, Markey, Bruce wrote: > Can anyone point me to a deep dive or something like that about how > ssl_bump and peek/splice etc work? The more technical the better. That's easy! https://code.launchpad.net/squid http://wiki.squid-cache.org/Features/SslPeekAndSplice is less technical but documents most of the modern mechanics. Unfortunately, it is difficult to grok quickly or without good understanding of how SSL and HTTP work in general. There are also a few bug reports on Bugzilla covering various corner cases. > I > don’t want to ask a ton of questions about some of the errors I’m > getting without fully understanding what is going on. Do not worry about full understanding. There are probably less than 10 people in the world that got close to that coveted level of "full understanding". Unfortunately, they got there through years of pain and suffering, not reading documentation. And they are too busy to document everything they know. > I currently have squid working almost the way I want it, with just a few > remaining issues. One of them being is that with ssl sites I seem to > get a lot of “not private, cert authority” messages then I have to add > that site to an acl to not be bumped. Regarding my first question, I > want to understand why. Please make sure you specify the exact error message and which agent is generating it when asking about this problem in the future. Also, examine and report which certificate (origin server or one of the Squid-generated ones; which one?) is being received by that agent if possible. > My second question I think is a quickie. Can you run 2 log files? > Reason being is that I use squidanalyzer and it only reads the standard > log format. But there are better log formats for what I’m doing. I’d > like to keep dual logs while I work on my own analyzer that reads that > log file. You can see the logformat line commented out along with some > other log lines. Yes, you can have many access_log directives. HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
