On 30/03/20 11:58 am, saiyan_gc wrote: > Hi, I am trying to setup a https proxy server, and after I followed some > tutorial, Which tutorial? > created self signed certificate, configure the squid.conf, I also > copied the certificate to the client host Which certificate? Where did you put it? Do both curl and the aws tool use that location? > and setup the https_proxy global > environment variable, How did you set it up? Do both curl and the aws tool use that non-standard environment variable? > I can do *curl https://www.google.com*. I saw > "172.16.0.16 TCP_TUNNEL/200 16567 CONNECT www.google.com:443 abc > HIER_DIRECT/216.58.193.68 -". This curl request does not match the squid.conf you provided. No authentication credentials are provided, yet username "abc" is being logged. > > But I am trying to use my aws cli with "aws s3 ls", the access log will > throw "172.16.0.16 NONE/000 0 NONE error:transaction-end-before-headers - > HIER_NONE/ - -". The TCP connection from client closed before any HTTP was received. > > And it throw "Error negotiating SSL connection on FD 16" in cahe.log > TLS handshake failure is likely why the TCP connection closed. Find out what failure is happening. > > Here is my config file: > > *https_port 3130 cert=/etc/squid/ssl_cert/example.com.cert \ > key=/etc/squid/ssl_cert/example.com.private > auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords > auth_param basic children 5 startup=0 idle=1 > auth_param basic credentialsttl 2 hours > auth_param basic casesensitive off > acl ncsa_users proxy_auth REQUIRED > http_access deny !ncsa_users > http_access allow all* > > Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
