On Wednesday 13 June 2018 at 21:28:27, baretomas wrote:
> The calls from the application is done using ssl / https by telling java to
> use Squid as a proxy (-Dhttps.proxyHost and -Dhttp.proxyHost).
Okay, but...
> http_port 3128 ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=4MB
> cert=/cygdrive/c/squid/etc/squid/proxyCAx.pem
> key=/cygdrive/c/squid/etc/squid/proxyCA.pem
> # certificate generation program
> sslcrtd_program /cygdrive/c/squid/lib/squid/ssl_crtd -s
> /cygdrive/c/squid/var/cache/squid_ssldb -M 4MB
> acl step1 at_step SslBump1
>
> ssl_bump peek step1
> ssl_bump bump all
Surely all this peeking and bumping is only needed if you're running Squid in
interception mode, whereas you've said that you've configured your Java
application to explicitly use Squid as a proxy?
Have you tried your Squid configuration with a plain browser, configured to use
the proxy, with (a) a few random websites, and (b) the specific resource you're
trying to access from your Java application, to see whether it is actually
working as a caching proxy?
Antony.
--
This sentence contains exacly three erors.
Please reply to the list;
please *don't* CC me.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
