I see a message similar to Marcus' in cache.log. 2018/05/16 00:20:10 kid1| ERROR: negotiating TLS on FD 77: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0) And I am running squid-4.0.24. Sarfaraz -----Original Message----- From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of Marcus Kool Sent: Wednesday, May 16, 2018 1:41 AM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: TCP FIN,ACK after ServerHelloDone with pcmag.com The proxies that I used for the test have Squid 4.0.22 and Squid 4.0.23. Marcus On 15/05/18 15:40, Amos Jeffries wrote: > On 16/05/18 01:32, Marcus Kool wrote: >> pcmag.com also does not load here, although my config parameters are >> slightly different. >> The certificate is indeed huge... >> Do you have >> ERROR: negotiating TLS on FD NNN: error:14090086:SSL >> routines:ssl3_get_server_certificate:certificate verify failed >> (1/-1/0) or other errors in cache.log ? >> >> Marcus >> > > Are these Squid-4.0.24 ? There is a regression[1] in the cafile= > parameter handling in the latest release. > <https://bugs.squid-cache.org/show_bug.cgi?id=4831> > > Amos > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users > _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
