On 29/05/18 00:17, Ahmad, Sarfaraz wrote: > I was wrong. It is not the remote server but Squid itself which is sending a FIN,ACK after ServerHelloDone. > At 8 seconds, ServerKeyExchange, ServerHelloDone is received by Squid. The cipher suite looks like (ECDHE+RSA+SHA512 ,wireshark shows rsa_pkcs_sha512.) > After about 60 more seconds (there is no activity on the wire during this period), Squid sends a FIN/ACK to the remote server effectively closing the connection. > What debug_options should I be using for more relevant logging in cache.log ? 26,9 11,9 and 5,9 are not helping much. If in doubt ALL,9 has everything. Sounds normal symptoms for a verify failure, except odd that there is still a 60sec timeout happening. It should FIN immediately on the verify failure. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users