Re: [squid-users] https pages

Config: acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl allowed_hosts src CLIENT.EXTERNAL.IP01/255.255.255.255 CLIENT.EXTERNAL.IP02/255.255.255.255 SERVER.EXTERNAL.IP01/255.255.255.255 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow allowed_hosts http_access allow localhost http_access deny all icp_access allow localhost icp_access allow allowed_hosts icp_access deny all http_port SERVER.EXTERNAL.IP01:3128 http_port SERVER.EXTERNAL.IP02:3128 acl ip01 myip SERVER.EXTERNAL.IP01 acl ip02 myip SERVER.EXTERNAL.IP02 tcp_outgoing_address SERVER.EXTERNAL.IP01 ip01 tcp_outgoing_address SERVER.EXTERNAL.IP02 ip02 hierarchy_stoplist cgi-bin ? access_log c:/squid/var/logs/access.log squid #Suggested default: refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 acl apache rep_header Server ^Apache broken_vary_encoding allow apache server_persistent_connections off forwarded_for off -- Thanks for the help, Mike ----- Original Message ---- > From: Amos Jeffries <squid3_at_treenet.co.nz> > To: Michael Johnston <mikej84_at_yahoo.com> > Cc: Henrik Nordstrom <henrik_at_henriknordstrom.net>; squid-users_at_squid-cache.org > Sent: Tuesday, July 8, 2008 11:55:14 PM > Subject: Re: [squid-users] https pages > > > I'm sorry for the delay in my response. I am using Windows Firewall on the > > Squid machine, and have added port 443 to the exceptions. I have even > > tried disabling the firewall and HTTPS still fails, and I get the same in > > the access.log. > > I should also mention that I have tried accessing HTTPS pages using the > > proxy from the proxy server itself. This does work as expected, but HTTPS > > from other machines connecting to the proxy server still fail. Does this > > suggest that the problem is with Squid or elsewhere? > > Oh, and I guess I should also mention that I'm now using 2.7.STABLE3 > > (standard). > > Thanks in advance for any help. > > Ah, Windows Firewall. I'll refrain from stating my true feelings about > that 'smart' firewall. Failure without the WFW even on shows its somewhere > else. Maybe in multiple failure points. > > What was your squid config again? > > Amos > > > > > > ----- Original Message ---- > >> From: Henrik Nordstrom > >> To: Michael Johnston > >> Cc: Squid Users > >> Sent: Monday, June 9, 2008 10:56:28 AM > >> Subject: Re: [squid-users] https pages > >> > >> On mån, 2008-06-09 at 05:21 -0700, Michael Johnston wrote: > >> > When I disabled the "friendly error messages" option in IE, the > >> message was > >> the same: "Internet Explorer cannot display the webpage" > >> > And in Netscape, I get an alert saying: "The document contains no > >> data" > >> > > >> > > Anything in Squid access.log? > >> > > > >> > This is what shows up in the access log: > >> > 1213013343.566    CLIENT.EXTERNAL.IP TCP_MISS/200 39 CONNECT > >> www.google.com:443 - DIRECT/72.14.205.104 - > >> > 1213013984.055    CLIENT.EXTERNAL.IP  TCP_MISS/200 39 CONNECT > >> www.yahoo.com:443 - DIRECT/209.191.93.52 - > >> > >> Do your firewall allow the Squid server to go out on port 443? > >> > >> Regards > >> Henrik > > > > > > > > > >
Received on Wed Jul 09 2008 - 14:31:08 MDT