[squid-users] SSL Bump and NF getsockopt failed
Job
Job at colliniconsulting.it
Fri Oct 2 11:31:43 UTC 2015
Hello,
i have enabled SSL Bump with certificates, i redirect the 443 on the 3129 port of my Squid server but https sites are not accessible anymore and i can see these errors in logs:
ERROR: NF getsockopt(ORIGINAL_DST) failed on local=192.168.10.xxx
The section regardings SSL Bump in squid.conf if the following:
http_port 3128
https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=16MB cert=/etc/squid/ssl/squid.pem key=/etc/squid/ssl/squid.key
sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/lib/squid_ssl_db -M 16MB
sslcrtd_children 50 startup=5 idle=1
ssl_bump server-first all
And https traffic, with NAT, goes out with any problems.
Where am i wrong?
Thank you!
Francesco
More information about the squid-users
mailing list