Hey Dixit is it your first name?, I want to help you but you are jumping between subjects and issues over and over again. Try to open a single thread for a subject and follow it. You are missing details on the clients. Clients can vary from PC to MOBILE etc.. To clear out any doubts about the setup more details are required if you want any public help. I can try to help you specifically with installation level issues. The topics you are writing about are a more advanced topic rather then basic.. Did you had any chance reading the next docs: I want to help you but it’s not always so simple. Take into account that some servers/websites use different versions of TLS/SSL and Squid 4 is not compatible with all of them. What version of OpenSSL do you have installed on your OS? yum list installed might give you the right answer. Also, if you have specific clients which are having issues try to get the relevant details on their software and device. I cannot do this work for you but can try to help you based on what you might send the public list. Eliezer ---- Eliezer Croitoru Tech Support Mobile: +972-5-28704261 Email: ngtech1ltd@xxxxxxxxx From: DIXIT Ankit [mailto:Ankit.Dixit@xxxxxxxxxxxx] Eliezer, Clients are facing some SSL related issues after upgrade. I could see below error. Please suggest, its little urgent. quid[6706]: Error negotiating SSL connection on FD 167: error:00000001:lib(0):func(0):reason(1) (1/0) Regards, Ankit Dixit|IS Cloud Team Eurostar International Ltd Times House | Bravingtons Walk | London N1 9AW Office: +44 (0)207 84 35550 (Extension– 35530) From: Eliezer Croitoru <ngtech1ltd@xxxxxxxxx>
The first thing to do is look at: https://wiki.squid-cache.org/KnowledgeBase/HostHeaderForgery It should clear couple doubts for you. Eliezer ---- Eliezer Croitoru Tech Support Mobile: +972-5-28704261 Email: ngtech1ltd@xxxxxxxxx From: DIXIT Ankit Elizer, We installed Squid 4.12 on production server, amazon Linux 2, successfully but I could see below messages in the logs for SECURITY ALERT: Host header forgery detected. These are getting generated very frequently. Can we ignore this Or is it advised to suppress these alerts? kid2| SECURITY ALERT: on URL: 5-25-3-app.agent.datadoghq.com:443 2020/06/30 07:41:29 kid1| SECURITY ALERT: Host header forgery detected on local=IP remote=IP FD 97 flags=33 (local IP does not match any domain IP) Regards, Ankit Dixit|IS Cloud Team Eurostar International Ltd Times House | Bravingtons Walk | London N1 9AW Office: +44 (0)207 84 35550 (Extension– 35530) This email (including any attachments) is intended only for the addressee(s), is confidential and may be legally privileged. If you are not the intended recipient, do not use, disclose, copy, or forward this email. Please notify the sender immediately and then delete it. Eurostar International Limited and its affiliates ("EIL") do not accept any liability for action taken in reliance on this email. EIL makes no representation that this email is free of viruses and addressees should check this email for viruses. The comments or statements expressed in this email are not necessarily those of EIL. |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
