[squid-users] squid reverse proxy (accelerator) for MS Exchange OWA
Alex Rousskov
rousskov at measurement-factory.com
Fri Jan 20 15:59:31 UTC 2017
On 01/20/2017 02:13 AM, Amos Jeffries wrote:
> The key part is the "Error negotiating SSL on FD 16:
> error:00000000:lib(0):func(0):reason(0) (5/0/0)"
>
> Which is OpenSSL's very obtuse way of telling Squid "an error
> rhappened". With no helpful details about what error it was.
Actually, this is Squid's very obtuse way of telling us that peer closed
the connection while violating the SSL protocol (i.e., a
protocol-violating EOF during an SSL_connect() network read).
OpenSSL error reporting is ugly indeed, but we should not blame it for
our own lack of code to render OpenSSL-supplied details in a
human-friendly way (or for losing critical information along the way).
Cheers,
Alex.
More information about the squid-users
mailing list