Hey Scott, Can you attach any example cookie with and without the secure value? (replace sensitive data) Thanks, Eliezer ---- Eliezer Croitoru Tech Support Mobile: +972-5-28704261 Email: ngtech1ltd@xxxxxxxxx -----Original Message----- From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of Scott Sent: Tuesday, October 27, 2020 11:24 AM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Reverse proxying Exchange OWA wembail with SSL offloading - not working on IE/Chrome Hi, I've been trying to track down why, when reverse proxying Microsoft Exchange OWA (Outlook Web Access), recent versions of IE and Chrome don't get past the logon page. Upon entering a username and password the browser just goes back to the login page with no error displayed. Firefox works fine. It seems to be something to do with SSL offloading (when the cache peer is HTTP/80). Without SSL offloading (cache peer is HTTPS/443) everything works as expected. I did some debugging and noticed that the cookie sent from the server when SSL offloading is ON (squid <-> OWA is HTTP) is missing the "secure" attribute, whereas it is present when the data is HTTPS. This makes perfect sense, and I'm wondering if that's the reason why some of the browsers are not working. Given that the browser <-> Squid traffic is HTTPS, is there a way to get squid to add the "secure" attribute to cookies? At least for testing it clarify what's going on. Thanks, Scott _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
