[squid-users] ssl_bump with cache_peer problem: Handshake fail after Client Hello.
Amos Jeffries
squid3 at treenet.co.nz
Thu Nov 5 03:39:47 UTC 2015
On 5/11/2015 3:47 p.m., maple wrote:
> sorry, I post my question again since last time I was not a subscriber yet.
>
> ================================================
>
> Hi,
>
> after a lot of google, I finally got this post, I met the exactly same
> problem as you, and can't use squid to handle https traffic behind parent
> proxy. I also tried with proxychains + squid, but without luck, it didn't
> work, so could I ask your configuration about proxychains + squid ? this is
> mine:
>
> for proxychains, it's very easy:
> strict_chain
> [ProxyList]
> http 127.0.0.1 12345 (for some reason, I must use ssh reverse tunnel to map
> my parent http proxy to my local port 12345)
>
> for squid 3.4:
Please upgrade to the latest Squid.
SSL-Bump in particular is a feature that is taking part in an arms-race.
It changes, and it changes fast. Sometimes on a daily or weekly basis.
These particular use-case issue was resolved in the current Squid 3.5
and 4.x. But does remain for traffic received by explicit proxies in the
middle of a 3+ proxy chain.
Amos
More information about the squid-users
mailing list