[squid-users] Error negotiating SSL

Amos Jeffries squid3 at treenet.co.nz
Thu Nov 17 04:06:11 UTC 2016

On 17/11/2016 5:58 a.m., piequiex wrote:
>> On Mon, 2016-11-14 at 16:12 +0000, piequiex wrote:
>>> What mean this error and how to fix it?
>>> Error negotiating SSL on FD 29:
>>> error:00000000:lib(0):func(0):reason(0) (5/-1/104)
>>> Error negotiating SSL on FD 30:
>>> error:00000000:lib(0):func(0):reason(0) (5/-1/104)

This error occurs when non-TLS is passed to OpenSSL.

>> Please provide more information next time (squid.conf at least).
> Squid Cache: Version 3.5.22 with ssl-bump enabled.
> http_port ssl-bump generate-host-certificates=...
> Quoted error appears when qtox going through squid.

qtox does not use TLS. It cannot be SSL-bump'ed.

If you can define some ACL to identify the qtox traffic you might be
able to splice it.

Otherwise I suggest you try Squid-4 and the on_unsupported_protocol feature.


More information about the squid-users mailing list