[squid-users] Error: (71) Protocol error (TLS code:SQUID_ERR_SSL_HANDSHAKE)
Loučanský Lukáš
Loucansky.Lukas at kjj.cz
Mon Jun 22 06:10:24 UTC 2020
Sorry - but how is your solution different from:
1) openssl dhparam -outform PEM -out dhparam.pem 2048
2) https_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/etc/rootCA.crt key=/usr/local/squid/etc/rootCA.key options=SINGLE_DH_USE,SINGLE_ECDH_USE tls-dh=/usr/local/squid/etc/dhparam.pem
Or tls-dh=prime256v1:/usr/local/squid/etc/dhparam.pem
?
LL
> I have tested 4.12 and with default settings I am getting an error on some local common web pages.
>
>
>
> (71) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)
> Handshake with SSL server failed: error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small
More information about the squid-users
mailing list