[squid-users] Squid Proxy SSL Bump can not retrieve SSL session back to the client?
Alex Rousskov
rousskov at measurement-factory.com
Mon Dec 9 15:41:29 UTC 2019
On 12/8/19 1:53 AM, George Sheng wrote:
> From the debug I can also see the proxy connects towards the remote
> server, and proxy has negotiated fine with the server. the proxy
> receives 3 certificates from the server,
> and verification was fine to the server. But when the proxy trying to
> proceed with client negotiation, I got this error:
> 2019/12/07 20:48:59.761 kid1| 83,5| Session.cc(362)
> get_session_cb: Failed to retrieve SSL_SESSION from cache
As Amos has said, this failure to find a cached session is not an error
in itself. It is a cache miss. Look for problems after this log line.
> The alpine linux, using the wget https, got error message ssl_client:
> handshake failed: error:14004410:SSL routines:CONNECT_CR_SRVR_HELLO:sslv3
> alert handshake failure
OK.
> (on the proxy log, it is the same thing, can not
> somehow retrieve the ssl session, probably due to some TLS mismatch)
What happens on Squid side _after_ the TLS session is not found in the
cache?
Alex.
More information about the squid-users
mailing list