[squid-users] Squid 3 SSL bump: Google drive application could not connect
Amos Jeffries
squid3 at treenet.co.nz
Tue Dec 30 13:57:36 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 31/12/2014 2:12 a.m., Yuri Voinov wrote:
>
> Hi gents,
>
> I found strange issue.
>
> Squid 3.4.10. Intercept. HTTPS bumping. All works fine. All configs
> correct.
>
> Whenever all web https sites works perfectly - especially in
> Chrome, most cloud clients works like charm (SpiderOak is!), Google
> Drive client application (PC) could not work. Note: Web Google Docs
> works. Web Google drive works.
>
> Note: Google support info - even I if pass dozen Google URL's
> without bump - cannot help. It doesn't work when server-first
> bumping is on and works othervise.
>
> So, the Serious Question is: Why? :)
>
> Any idea?
>
Probably non-HTTPS protocol being used.
As bumping gets more popular we are hearing about a number of services
abusing port 443 for non-HTTPS protocols on the false assumption that
the TLS layer goes all the way to the origin server without
inspection. That has never been a true assumption, CDN frontends have
always decrypted.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUoq9PAAoJELJo5wb/XPRjcSQIAJk349r6X95aJbaTTueFWfgP
RkAOwmDF7M6kiir8XgJ0D4+LXXL4mTxwkuGlIDe1au1jrhMAY8S1aIoU1Dc0BN5x
z4j9m1OeSeTrMAVvDCSFdf+pvAWOpLclY+f6b5HY773vus0kqT8PWhb4wVaIHP3m
9JtgpKOD9ElWdZosGVtdIl3uaExrmFGFbNLeVVo6VdeSE/D21YcH2HtEo3b+dopx
9T1SCMHItT83lr0LLFTlgTlKBrjREuKMNHN1L6FWkyJSe9OSu1efPvm23MG33G8a
ShbFMrWh9Zo50fVXZRidAyXlvjBcX7aHM/ZSb8+3ID5O7Ao484aPvbSSck9Hq/g=
=IeYG
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list