On 4/02/20 7:50 pm, yohan83942 wrote: > Something new has happened. > > [root@localhost squid-5.0.1]# /usr/local/squid/sbin/squid -z > 2020/02/04 14:46:00| ERROR: Unknown TLS option '-bump' > [root@localhost squid-5.0.1]# 2020/02/04 14:46:00| Created PID file > (/usr/local/squid/var/run/squid.pid) > 2020/02/04 14:46:00 kid1| ERROR: Unknown TLS option '-bump' > "ssl-bump" is not an option of cache_peer. > This problem does not seem to affect the agent. But `cache_peer` still has > no effect. > > # Squid normally listens to port 3128 > sslproxy_cert_error allow all > #sslproxy_flags DONT_VERIFY_PEER > http_access allow all > always_direct allow all This config requires traffic to *always* go direct to servers - not cache_peers. > ssl_bump bump all > ssl_bump stare all > sslproxy_cert_error allow all > http_port 3128 ssl-bump cert=/usr/local/squid/etc/squid/squid.pem > key=/usr/local/squid/etc/squid/squid.pem generate-host-certificates=on > options=NO_SSLv2 All settings related to SSLv2 are not supported in any way since Squid-4. > #http_port 3128 > > #cache_peer 127.0.0.1 http parent 10809 0 no-query > #cache_peer 192.168.1.101 parent 10809 0 no-query originserver weight=1 > #cache_peer_domain a www.google.com > #cache_peer_access a allow all > > cache_peer 192.168.1.101 parent 10809 0 no-query ssl-bump ssl > sslcert=/usr/local/squid/etc/squid/squid.pem > sslcafile=/usr/local/squid/etc/squid/squid.pem > never_direct allow all > Can Squid access the Internet through a Socket5 proxy? > SOCKS proxies do not understand HTTP proxy syntax. So no, not like you are thinking. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
