[squid-users] TCP FIN,ACK after ServerHelloDone with pcmag.com
Ahmad, Sarfaraz
Sarfaraz.Ahmad at deshaw.com
Thu May 17 10:47:36 UTC 2018
Guys,
Any thoughts ?
Regards,
Sarfaraz
-----Original Message-----
From: Ahmad, Sarfaraz
Sent: Wednesday, May 16, 2018 10:36 AM
To: 'Marcus Kool' <marcus.kool at urlfilterdb.com>; squid-users at lists.squid-cache.org
Subject: RE: [squid-users] TCP FIN,ACK after ServerHelloDone with pcmag.com
I see a message similar to Marcus' in cache.log.
2018/05/16 00:20:10 kid1| ERROR: negotiating TLS on FD 77: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0)
And I am running squid-4.0.24.
Sarfaraz
-----Original Message-----
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Marcus Kool
Sent: Wednesday, May 16, 2018 1:41 AM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] TCP FIN,ACK after ServerHelloDone with pcmag.com
The proxies that I used for the test have Squid 4.0.22 and Squid 4.0.23.
Marcus
On 15/05/18 15:40, Amos Jeffries wrote:
> On 16/05/18 01:32, Marcus Kool wrote:
>> pcmag.com also does not load here, although my config parameters are
>> slightly different.
>> The certificate is indeed huge...
>> Do you have
>> ERROR: negotiating TLS on FD NNN: error:14090086:SSL
>> routines:ssl3_get_server_certificate:certificate verify failed
>> (1/-1/0) or other errors in cache.log ?
>>
>> Marcus
>>
>
> Are these Squid-4.0.24 ? There is a regression[1] in the cafile=
> parameter handling in the latest release.
> <https://bugs.squid-cache.org/show_bug.cgi?id=4831>
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list