[squid-users] Reverse proxy for HTTPS cloudfront server

Philip Munaawa philip.munaawa at appliansys.com
Mon Feb 13 15:40:16 UTC 2017


I am trying to reverse proxy a site hosted on cloudfront, using the normal
https_port accel. I have the key/cert pair for the origin. The cloudfront
uses TLS/SNI to negotiate an SSL connection. However, when I try to connect
through the proxy, I get the error below in the logs:

Error negotiating SSL on FD 39: error:14094410:SSL
routines:SSL3_READ_BYTES:sslv3 alert handshake failure (1/0/0)

I have seen a similar issie with nginx, which was resolved by adding a
switch to send the server_host_name. see:
http://stackoverflow.com/questions/25329941/nginx-caching-proxy-fails-with-ssl23-get-server-hellosslv3-alert-handshake-fail

Does squid (3.5.24) have a similar switch/functionality?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170213/c5da39ab/attachment.html>


More information about the squid-users mailing list