Re: [squid-users] SSL options on different http_port resolving into a single config for all ports

On 27/07/17 19:57, Wahaj Ali wrote: Resending the logs as they were not formatted correctly: First request going to port 3128 root@madmin-VirtualBox:/home/madmin# export https_proxy="127.0.0.1:3128" AFAIK, the above is in valid value for the https_proxy variable. It is missing the URL scheme

Re: [squid-users] How to tell HTTPS traffic is using cache from access.log in 3.5.x when using ssl_bump

On 28/07/17 10:32, Lei Wen wrote: Hi Amos, /Squid does not support relaying decrypted https:// requests over an insecure connection. So HTTP cache_peer connections will be refused./ Do you mean HTTPS cache_peer connections will be refused? No, I mean un-encrypted cache_peer connection

Re: [squid-users] ntml winbindd_privileged permission issue

On 28/07/17 05:16, Dijxie wrote: On 2017-07-27 18:15, Max Ashton wrote: Hi guys, I have just configured our squid proxy to use ntlm authentication. I am failing to find correct file permission for the /var/lib/samba/winbindd_privileged folder. Squid failed to authenticate using winbind when

Re: [squid-users] How to tell HTTPS traffic is using cache from access.log in 3.5.x when using ssl_bump

Hi Amos, *Squid does not support relaying decrypted https:// requests over an > insecure connection. So HTTP cache_peer connections will be refused.* Do you mean HTTPS cache_peer connections will be refused? *Also, when TLS cache_peer is used Squid is unable to tell the difference > between the

Re: [squid-users] ntml winbindd_privileged permission issue

On 2017-07-27 18:15, Max Ashton wrote: Hi guys, I have just configured our squid proxy to use ntlm authentication. I am failing to find correct file permission for the /var/lib/samba/winbindd_privileged folder. Squid failed to authenticate using winbind when the following file permissions are

[squid-users] ntml winbindd_privileged permission issue

Hi guys, I have just configured our squid proxy to use ntlm authentication. I am failing to find correct file permission for the /var/lib/samba/winbindd_privileged folder. Squid failed to authenticate using winbind when the following file permissions are set 750, I get the following error in t

Re: [squid-users] Kerberos access denied and reauthentication

On 2017-07-27 10:27, Grey wrote: Hi, I'm trying to setup a proxy server using Squid 3.5.23 on Debian 9; I've successfully setup Kerberos authentication generating the keytab file with ktutil and manually setting the required SPN on my Windows domain controller. The problem I'm encountering is tha

[squid-users] Kerberos access denied and reauthentication

Hi, I'm trying to setup a proxy server using Squid 3.5.23 on Debian 9; I've successfully setup Kerberos authentication generating the keytab file with ktutil and manually setting the required SPN on my Windows domain controller. The problem I'm encountering is that sometimes (right now I'm the only

Re: [squid-users] SSL options on different http_port resolving into a single config for all ports

Resending the logs as they were not formatted correctly: First request going to port 3128 root@madmin-VirtualBox:/home/madmin# export https_proxy="127.0.0.1:3128" root@madmin-VirtualBox:/home/madmin# curl -v https://uatmail02.cimb.com -ssl3 * About to connect() to proxy 127.0.0.1 port 3128 (#0) *

[squid-users] SSL options on different http_port resolving into a single config for all ports

With squid 3.5.25, I have two http_port configs, on one of which I want to disable SSLv3 while leaving it enabled on the other. Here is part of that config: http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/home/madmin/certs/elastica-ca.pem key=/home/m