On 05/14/2017 03:49 PM, avi_h wrote: > I'm trying to get squid to listen to HTTPS in order to encrypt the traffic > between the proxy and the user. > https_port 3129 cert=/etc/squid/certificate.pem key=/etc/squid/privatekey.pem > However, when I try to connect from the browser using port 3129 I get a > connection refused. > When runnig squid in debug mode I got the following in cache.log: > > 2017/05/14 21:10:19.854 kid1| 83,2| client_side.cc(3743) Squid_SSL_accept: > Error negotiating SSL connection on FD 7: error:00000005:lib(0):func(0):DH > lib FYI: The "connection refused" browser error does not seem to match "Error negotiating SSL connection" Squid error, but perhaps it is just your browser being a little misleading. > Please help me understand the reason. You have configured Squid to be an HTTPS proxy. Did you configure your browser to use an HTTP proxy instead of an HTTPS proxy? Some browsers support HTTPS proxies, but it is tricky to enable that support so I have to ask. HTTP proxies expect plain HTTP requests. HTTPS proxies expect encrypted HTTP requests. If you are still having trouble, it may be useful to attach browser-Squid packet capture when reproducing the problem with http://www.example.com/ or a similar "trivial" site. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
