[squid-users] SSL Accel Connection Reset
Robert Gabriel
squid at ephemeric.online
Tue Nov 21 10:36:53 UTC 2017
Hi Amos,
Oh man, I feel so stupid. Thank you for pointing that out.
I apologise for my ignorance to all on the list.
It's all working now, cheers!
On Tue 21 Nov, 05:31, Amos Jeffries wrote:
> On 21/11/17 02:24, Robert Gabriel wrote:
> >Hi,
> >
> >I've tried to setup SSL accel AKA reverse proxy. The HTTP accel part works but no joy
> >for the SSL side. Maybe I've misunderstood or misconfigured something?
> >
> >Thank you for the help.
> >
> >[root at node03 tmp]# export https_proxy="https://192.168.122.130:443"
> >
> >[root at node03 tmp]# curl -v --insecure https://data.ephemeric.local/test.tgz
>
> As you can see from the below curl is using a CONNECT tunnel, which are only
> valid to a forward-proxy.
>
> The https_port in Squid is expecting the TCP connection to immediately start
> with TLS traffic. Not a plain-text CONNECT message.
>
>
> >* About to connect() to proxy 192.168.122.130 port 443 (#0)
> >* Trying 192.168.122.130...
> >* Connected to 192.168.122.130 (192.168.122.130) port 443 (#0)
> >* Establish HTTP proxy tunnel to data.ephemeric.local:443
> >>CONNECT data.ephemeric.local:443 HTTP/1.1
> >>Host: data.ephemeric.local:443
> >>User-Agent: curl/7.29.0
> >>Proxy-Connection: Keep-Alive
> >>
>
>
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list