[squid-users] Disable SSLv3 on Squid doesn't seem to work

Sebastian Fohler info at far-galaxy.de
Fri Nov 21 14:57:27 UTC 2014


I've disabled SSLv3 with this option set in my squid.conf file:

sslproxy_options NO_SSLv3 NO_SSLv2

But despite that fact, the squid proxy accepted the configuration 
without any problems, I still get SSLv3 connections working.
I've sniffed the traffice on that interface on the proxy port and if I 
do a SSLv3 connection from the browser and do a poodle check, the 
sniffing protocol shows an established SSLv3 connection.

Can someone tell me if I missed something here?
Is there some option which could override the sslproxy_options setting?
How can I check if the sslproxy_options are really being used?

Thank you in advance.
Best regards
Sebastian


More information about the squid-users mailing list