[squid-users] Squid not allowing SSL handshake

Yuri Voinov yvoinov at gmail.com
Thu Mar 17 17:31:01 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
I see one problem in your squid's config:

acl allowed_https_sites ssl::server_name .twilio.com



Try to use ssl::server_name_regex \.twilio\.com instead of
ssl::server_name. I've opened bug about it: ssl::server_name does not work.

17.03.16 22:23, Nick Walke пишет:
> We have a squid.conf like this: https://gist.github.com/nwalke/55fea584352016149180
>
> And we configure squid like this:
https://gist.github.com/nwalke/a9fea476cf7b3326ef14
>
> When I try to do curl https://api.twilio.com I get a response from
Twilio.  When I do openssl s_client -connect api.twilio.com:443
<http://api.twilio.com:443> it says that it could not complete the SSL
handshake.  If I start a clean server (none of our custom configuration)
and force its traffic through squid, I get the same results.  If I take
that same clean server and route its traffic not through squid, the
handshake completes successfully.
>
> Any ideas what the problem might be or what I can look in to further?
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJW6unVAAoJENNXIZxhPexGWqYH/08JsIZmlQtlrSet++ly1Ii7
2upBTm9+F0jwHHdfYGWT8RaL2ghzihX1AwqFOtakLa2s/ZujK92GZz+RdDGmBKnI
4vtxQxGvWw+JTlVDTgpTTN/ExK+yh1UL8sGpEsz5nkKQCuuPwsbUE8cWDBU3w610
cZjIu1jIxcy832qQ8MzkgUTnoZ21EI2mh8vP8ht+1sySBgmT9bskwCoZjASb8dQJ
lFG0S66a0VON6NaHVhXYzhRVhQ2WhGLcs7xKBIyxCaWpTmchVip8wtC168+T06sN
TMeUS7DdNdDLAJdk7M+u/OVTJQQ1S7b23rH92VDGwD/gEZk265iqh3wWSlTVZ+8=
=o57Y
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160317/fbd9c4a6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x613DEC46.asc
Type: application/pgp-keys
Size: 2437 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160317/fbd9c4a6/attachment.key>


More information about the squid-users mailing list