[squid-users] ssl_crtd breaks after short time

Amos Jeffries squid3 at treenet.co.nz
Thu Jun 4 22:18:35 UTC 2015


On 5/06/2015 3:34 a.m., Klavs Klavsen wrote:
> I would be perfectly fine with allowing the SSL bumping to finish for
> ALL https sites - and then only block when the http request comes..
> 
> I'm hoping someone can tell me what I've done wrong in my config.. I'm
> obviously not understanding how it works when https is envolved.. it
> works as intended with http..

It should be working. I'm a bit confused myself now why that CONNECT
line would be matching the decrypted requests, they definitely should
not be having the CONNECT request method as they are destined to an
origin server.

We've missed something basic, and will probably kick ourselves at how
simple when its reavealed. :-(
 All I can think of now is that James log format should be indicating
more clearly whats going on than the default Squid one will.

Amos



More information about the squid-users mailing list