[squid-users] Error negotiating SSL connection on FD 12: Success
Amos Jeffries
squid3 at treenet.co.nz
Wed May 6 12:49:41 UTC 2015
On 6/05/2015 10:31 p.m., Ashish Behl wrote:
> I an encountering the same issue.
>
> Using squid 3.5.4 inside docker container, I have set up proxy in my browser
> to point to the squid proxy port.
> I have also seperated the HTTP and HTTPS ports in squid as well as in
> browser.
> Full details of the error are on stackoverflow:
> http://stackoverflow.com/questions/30057104/squid-ssl-bump-3-5-4-error-error-negotiating-ssl-connection-on-fd-10-success
>
> Please let me know what is wrong here.
You are connecting the curl and browser to port 8080. Which is
configured to *only* receive traffic from the OS NAT system (intercept
flag).
Remove the "intercept" flag from Squid if you are going to connect to
that port with clients, or duplicate the ssl-bump configuration on the
port 8080 line.
If you are only doing this for "testing". Then please stop. Test what is
actually going to be used - in the *way* that it is actually going to be
used. As if your tester was one of the real clients.
HTTP (and HTTPS) are remarkably complicated these days. Testing with a
completely different type of traffic than you expect to occur normally,
is not going to get you anywhere near a working system.
Amos
More information about the squid-users
mailing list