[squid-users] reverse proxy setup

Alex Samad alex at samad.com.au
Sat Dec 12 03:07:49 UTC 2015


Hi

I'm thinking it is outlook not being able to talk tls1.1 and/or tls
1.2 to squid. I am in the process of patching up my test box.

By ignoring that, I mean the reason its there is that outlook tried to
talk tls1 to it whilst I had tls1 turned off

A

On 11 December 2015 at 15:50, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 11/12/2015 4:52 p.m., Alex Samad wrote:
>> Hi
>>
>>
>> Is there any way to remove these from the log
>>
>> kid1| Error negotiating SSL connection on FD 38: error:140760FC:SSL
>> routines:SSL23_GET_CLIENT_HELLO:unknown protocol (1/-1)
>>
>> this is the corrosponding squid config
>> options=NO_SSLv2:NO_SSLv3:NO_TLSv1:SINGLE_DH_USE:CIPHER_SERVER_PREFERENCE
>>
>> Not I don't get this when I re enable tlsv1..
>
> Strange. Usually that means non-TLS traffic being passed to the HTTPS
> port. For example, clients opening plain-text HTTP connections to it.
>
>>
>> I am presuming I can ignore these.
>
> That is always up to you. In this case somebody is getting broken
> traffic, and your logs are filling with the messages saying so.
>
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users


More information about the squid-users mailing list