[squid-users] will multiple tls_outgoing_options lines be combined?

Amish anon.amish at gmail.com
Tue Jul 3 11:23:27 UTC 2018


Hello,

I am trying new options in squid 4.1.

For easy readability can I use tls_outgoing_options multiple times in 
squid.conf?

Like this: (Tips from 
https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit)

tls_outgoing_options cafile=/etc/ssl/cert.pem
tls_outgoing_options options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE
tls_outgoing_options 
cipher=HIGH:MEDIUM:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS

Will it merge all 3 as if mentioned on 1 single line?
Or will it pick only last (or first) option and internal defaults for rest?

I am not an SSL/TLS expert so I do not know how to test this i.e. how to 
know if its really working.

For some reason "debug_options 3,9" is not generating anything in cache.log.

Note: Debug Section 3 = Configuration File Parsing

Thanks in advance,

Amish.



More information about the squid-users mailing list