[squid-users] SSL Accel Connection Reset
Amos Jeffries
squid3 at treenet.co.nz
Mon Nov 20 16:31:36 UTC 2017
On 21/11/17 02:24, Robert Gabriel wrote:
> Hi,
>
> I've tried to setup SSL accel AKA reverse proxy. The HTTP accel part works but no joy
> for the SSL side. Maybe I've misunderstood or misconfigured something?
>
> Thank you for the help.
>
> [root at node03 tmp]# export https_proxy="https://192.168.122.130:443"
>
> [root at node03 tmp]# curl -v --insecure https://data.ephemeric.local/test.tgz
As you can see from the below curl is using a CONNECT tunnel, which are
only valid to a forward-proxy.
The https_port in Squid is expecting the TCP connection to immediately
start with TLS traffic. Not a plain-text CONNECT message.
> * About to connect() to proxy 192.168.122.130 port 443 (#0)
> * Trying 192.168.122.130...
> * Connected to 192.168.122.130 (192.168.122.130) port 443 (#0)
> * Establish HTTP proxy tunnel to data.ephemeric.local:443
>> CONNECT data.ephemeric.local:443 HTTP/1.1
>> Host: data.ephemeric.local:443
>> User-Agent: curl/7.29.0
>> Proxy-Connection: Keep-Alive
>>
Amos
More information about the squid-users
mailing list