[squid-users] Squid and SSL Bump
Amos Jeffries
squid3 at treenet.co.nz
Thu Jan 11 15:47:14 UTC 2018
On 12/01/18 03:24, Yoinier Hernandez Nieves wrote:
>
>> El 11/01/2018, a las 12:46 a.m., Amos Jeffries escribió:
>>
>> On 11/01/18 09:33, Yoinier Hernandez Nieves wrote:
>>> I try connect direct to the proxy, and this is the result
>>> 1515616366.189 1359 aaa.aaa.aaa.aaa TAG_NONE/200 0 CONNECT www.ssllabs.com:443 <http://www.ssllabs.com:443> ynieves HIER_DIRECT/64.41.200.100 -
>>> 1515616366.207 0 aaa.aaa.aaa.aaa TCP_DENIED/403 4419 GET https://www.ssllabs.com/ssltest/viewMyClient.html ynieves HIER_NONE/- text/html
>>> 1515616366.244 0 aaa.aaa.aaa.aaa TAG_NONE/503 4914 GET http://artemisa.conalza.co.cu:3128/squid-internal-static/icons/SN.png ynieves HIER_DIRECT/64.41.200.100 text/html
>>> How I can fix this.??
>>
>>
>> What exactly do you think needs "fixing” ?
>
> I need fix the problem with the auth failure.
>
> Hi say:
>
> Sorry, you are not currently allowed to request https://www.google.com/search? from this cache until you have authenticated yourself.
>
> But I stay authenticated, see the log, user, ynieves.
>
Then something in your squid.conf is forbidding username ynieves access
to use the proxy and defining that other username might be allowed. But
it provides that info far too late to re-authenticate the already
finished CONNECT message with usable credentials.
Please post *all* of your squid.conf settings so we can look in places
you might not have expected to find auth relationships. Just exclude
empty lines and # comments.
Amos
More information about the squid-users
mailing list