[squid-users] Squid 4: Cloudflare SSL connection problem
Yuri Voinov
yvoinov at gmail.com
Tue Apr 12 14:03:59 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
UPDATE:
https://i1.someimage.com/b8w5dFz.png
This is answer from Cloudflare support.
But: 3.5.16 can deal with ECDSA TLS 1.2 but 4.0.8 not?
12.04.16 17:55, Yuri Voinov пишет:
> Does anybody faces this problem with 4.0.8:
>
> https://i1.someimage.com/3lD2cvV.png
>
> ?
>
> It accomplished this error in cache.log:
>
> 2016/04/12 17:39:38 kid1| Error negotiating SSL on FD 54:
error:00000000:lib(0):func(0):reason(0) (5/0/0)
>
> and "NONE/503" in access.log.
>
> Without proxy works like sharm. 3.5.16 with the similar squid.conf
works like sharm.
>
> NB: Cloudflare support said, that they key feature for SSL is SNI and
ECDSA now. AFAIK, 4.0.8 is fully supports this features.
>
> Any advice will be helpful.
>
> Yes, I know this looks like DDoS protection on Cloudflare. But WTF?
Any workaround required. Half-Internet is hosted on Cloudflare.
>
> WBR, Yuri
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXDQBOAAoJENNXIZxhPexGKx4H/3V9jDRNKu1xVzQhLbyVMB2u
uu9+N6umos9wi9GTRnIbMyHVS99BKUbQZf8DpdnJL+k4CPdaiHdgh/Z2QsfJoA3h
KZyI6/fpQPcsXX0xgtfpDLSPmHt61H3Dni9lRmR77BNFkq7JUKLFe71rW+8XcDBz
QeynTNi3EWfnufj332tMPj6LESZWTA5paREB1Y39sTl13kZqlmoe8hFrkckkNGRJ
38p3dl6HkMkb5eznP8fkMOjnCo61UA5BKrnzlTpFwjF21Fdv6zlrIApW8ljc7s2B
B+VkTXmuPUY/WjDybMnxdDvAYbtRAfcE4K8pE74CbHsJ/tbmfk1e0VdhD/TfpAk=
=4ka+
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x613DEC46.asc
Type: application/pgp-keys
Size: 2437 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160412/609715c2/attachment.key>
More information about the squid-users
mailing list