On 08/05/17 20:09, hoje wrote:
Hi, I have installed squid 3.5.24 and have enable option '--enable-ssl' '--enable-ssl-crtd' and '--with-openssl’. Im using debian 8.7. Im want to use this squid to filter http & https traffic. I have no problem filtering http/https when using it with <10 users. If i connect it to 200+ users, i will get lots of ERR_CONNECT_FAIL, TAG_NONE/503 & TCP_MISS/503 in less than 10 minutes. Need some advice. Thank you.
I suspect that the problem is just one or a few of the users having broken TLS/SSL or doing something weird with it.
First thing to do is ensure that the problem remains with the very latest code. A whole bunch of bug fixes around the topic of error handling during SSL-Bump processing steps have just landed in Squid-4. The set started with some changes that made it into the 3.5.25 release.
So I suggest rebuilding with the 3.5.25 released code, or if the problem remains the snapshot of Squid-4 which should be labeled r15031 or later.
Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
