[squid-users] HTTPS cache for Java application - only getting TCP_MISS

Antony Stone Antony.Stone at squid.open.source.it
Wed Jun 13 19:44:51 UTC 2018


On Wednesday 13 June 2018 at 21:28:27, baretomas wrote:

> The calls from the application is done using ssl / https by telling java to
> use Squid as a proxy (-Dhttps.proxyHost and -Dhttp.proxyHost).

Okay, but...

> http_port 3128 ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=4MB
> cert=/cygdrive/c/squid/etc/squid/proxyCAx.pem
> key=/cygdrive/c/squid/etc/squid/proxyCA.pem

> # certificate generation program
> sslcrtd_program /cygdrive/c/squid/lib/squid/ssl_crtd -s
> /cygdrive/c/squid/var/cache/squid_ssldb -M 4MB

> acl step1 at_step SslBump1
> 
> ssl_bump peek step1
> ssl_bump bump all

Surely all this peeking and bumping is only needed if you're running Squid in 
interception mode, whereas you've said that you've configured your Java 
application to explicitly use Squid as a proxy?


Have you tried your Squid configuration with a plain browser, configured to use 
the proxy, with (a) a few random websites, and (b) the specific resource you're 
trying to access from your Java application, to see whether it is actually 
working as a caching proxy?


Antony.

-- 
This sentence contains exacly three erors.

                                                   Please reply to the list;
                                                         please *don't* CC me.


More information about the squid-users mailing list