
TLS renegotiation failing between squids in hierarchy in Squid 4.


 



Hi,

I am currently running squid-cache in a hierarchy setup, with TLS enabled throughout.

client --> child Squid --> parent Squid --> web server

Openssl version: 1.0.2k
This setup is working for 3.5.20.

But when I updated to Squid 4 (tried 4.8, 4.11 and 4.13),
the initial HTTP request goes through, but TLS renegotiation is failing between the child and parent squid for the following requests.

From the logs, it looks like the child squid is trying to initialize TLS renegotiation using the old TLS session ID, but the parent squid is rejecting session resumption.

I confirmed this behavior using the openssl s_client --reconnect option.
 
I tried to disable client-initiated TLS renegotiation by setting tls-options=NO_TICKET (on the child squid), but it is affecting the behavior.

Are there any changes in the default TLS renegotiation behavior between Squid 3.5 and 4.x?
Is there a way to disable the client (child squid) initialized TLS renegotiation in Squid 4?

Thanks,
Manoj


_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
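
The s_client reconnect check mentioned in the post can be read mechanically: each handshake prints a "New, ..." or "Reused, ..." line, and counting them shows whether the peer accepted the offered session. This is an added example, not part of the original message or of Squid; the transcripts are constructed and parent.example:3129 is a placeholder.

```shell
#!/bin/sh
# Summarize session resumption results from `openssl s_client -reconnect`.
# Live usage (placeholder host and port, an assumption):
#   openssl s_client -connect parent.example:3129 -reconnect </dev/null 2>&1 \
#     | resumption_summary

# Reads s_client output on stdin and prints one summary line.
resumption_summary() {
    awk '
        /^New, /    { n_new++ }      # full handshake
        /^Reused, / { n_reused++ }   # abbreviated handshake (session resumed)
        END {
            total = n_new + n_reused
            if (total < 2)          verdict = "inconclusive"
            else if (n_reused == 0) verdict = "resumption-rejected"
            else if (n_new == 1)    verdict = "resumption-accepted"
            else                    verdict = "resumption-partial"
            printf "new=%d reused=%d verdict=%s\n", n_new, n_reused, verdict
        }'
}

# Constructed transcript: every reconnect falls back to a full handshake,
# which is the symptom described in the post.
sample_rejected() {
cat <<'EOF'
CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
drop connection and then reconnect
CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
drop connection and then reconnect
CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
EOF
}

# Constructed transcript: the server resumes the session on each reconnect.
sample_accepted() {
cat <<'EOF'
CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
drop connection and then reconnect
CONNECTED(00000003)
Reused, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
drop connection and then reconnect
CONNECTED(00000003)
Reused, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
EOF
}
```

Running the same summary against the parent under Squid 3.5 and under Squid 4 gives a like-for-like comparison of how each version answers resumption attempts.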
