On 11/05/20 8:26 am, Allan Raymond Ignacio wrote: > I have compiled and installed SQUID_4.11-3 with SSL, CRTD on debian10 > and here is my configuration - > > ... > > ### I can browse https on laptops BUT when I used IOS devices or > android, I get errors with this - > > > 1589083941.053 1 192.168.10.15 NONE_ABORTED/200 0 CONNECT > 157.240.18.35:443 <http://157.240.18.35:443> - HIER_NONE/- - > The client is disconnecting during the TLS handshake. Worth looking into the TLS traffic to see what is going on, but expect good chances that cert pinning or TLS/1.3 is being used here. > > If anyone can point to me what's wrong with my squid.conf configuration > or can provide me with a working squid.conf for ssl_bump, I will be > indebted to you. > Looks like a reasonable config to me. An always-working config is not possible at this time. TLS is still a volatile environment and the SSL-Bump features constantly undergoing improvements. Which some of its behaviours are gaining stability, the SSL-Bump feature overall is still experimental. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
