[squid-users] Howto enable openssl option UNSAFE_LEGACY_RENEGOTIATION ?

Dieter Bloms squid.org at bloms.de
Mon Jun 10 12:10:28 UTC 2024


Hello,

I have activated ssl_bump and must activate the UNSAFE_LEGACY_RENEGOTIATION option to enable access to https://cisco.com.
The web server does not support secure renegotiation.

I have tried to set the following options, but squid does not recognize any of them:

tls_outgoing_options options=UNSAFE_LEGACY_RENEGOTIATION

or 

tls_outgoing_options options=ALLOW_UNSAFE_LEGACY_RENEGOTIATION

and

tls_outgoing_options options=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION

but no matter which syntax I use, I always get the message during squid-k parse:

“2024/06/10 14:08:17| ERROR: Unknown TLS option ALLOW_UNSAFE_LEGACY_RENEGOTIATION”

How can I activate secure renegotiation for squid?

-- 
Regeards

  Dieter Bloms

--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
From field.


More information about the squid-users mailing list