On 26/06/2016 4:32 a.m., Yuri Voinov wrote: > > Amos, you are a wrong. > > No Squid-4. It's unstable and not ready for production. Whenever it's > features. So some beta software has bugs therefore nobody should ever use it for anything. I find that to be a strange and sad view of the world. Care to guess why I listed it as the last option amongst several? Or why 4.0.11 exists as a beta still? It *is* an option for the mentioned problem(s) though whatever its utility. > > Some time ago I have the same issue and know what happens exactly. > > Skype initial connection site uses RC4 cipher. Which is disabled in most > squid's configuration. Your "know what happens exactly" differs from at least two other peoples debugging experiences with Skype. RC4 is on the hitlist for most of the big vendors for the past year or so. IIRC there were several Windows Updates to remove it and other broken bits from a lot of things over the past year. If Skype is still using RC4 it might be part of this problem. > > To make it works (as by as most M$ update sites) it's require simple use > this cipher's suite: > > HIGH:MEDIUM:RC4:3DES:!aNULL:!eNULL:!LOW:!MD5:!EXP:!PSK:!SRP:!DSS > > That works for me in 5 SSL bumped setups. There is no matter which squid > version installed. Thank you. Thats another option then. I'd rate that below trying the EC ciphers, and above library updates. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
