I do not think this solution is correct.
The SSL_Ports ACL should already contain "443". So the traffic was
**not** being blocked by this line:
"deny CONNECT !SSL_Ports"
AFAICS the lack of URL-path details on the CONNECT request was failing
to match the urlpath_regex ACL.
FYI;
While mos
Hello Francesco,
> I have refreshed the site certificate, it works for me now. Can you
> check it works for you as well?
yes, the certificate is correct now, but the correct content is not
displayed:
"Nothing to see here, for now"
it would be nice if the same content was displayed as at www.squ
Solution:
It is the error message 'TCP_DENIED/200 0 CONNECT' wich showed me the way.
Directive is too restrictive:
http_access deny CONNECT !SSL_ports
It works now with:
http_access allow CONNECT safe_ports
where safe ports are:
80, 443, 1025-65535 (maybe too large)
Hello,
I am using Squid 5.7 on a Debian 12 system.
I would like to grant only some given URL path for a site using HTTPS.
For example, in the following configuration:
...
http_port 3128 ssl-bump tcpkeepalive=60,30,3 \
cert=/etc/squid/certs/signingCA.crt \
key=/etc/squid/certs/signin
Hi Dieter,
I have refreshed the site certificate, it works for me now. Can you
check it works for you as well?
Thanks
On Mon, Feb 24, 2025 at 3:22 PM Dieter Bloms wrote:
>
> Hello,
>
> There is an A Record entry (104.130.201.120) for squid-cache.org as well as
> for www.squid-cache.org.
> How
