On 7/02/2015 7:32 p.m., Ignazio Raia wrote:
> Good morning Amos,
> here is my squid.conf, basic_db_auth script and the shell test.
> thanks a lot for your interesting and help.
>
> TEST MADE FROM VIA ssh CONNECTION TO MY LAMP & SQUID SERVER (ssh
> ignazio@192.168.2.1)
> $ sudo /usr/lib/squid3/bas
On 7/02/2015 5:41 p.m., Luis Miguel Silva wrote:
> Antony,
>
> *Comments inline!*
>
Did you see the reply I sent a few days ago?
... in your previous thread entitled "SSL-bump certificate issues
(mostly on Chrome, when accessing Google websites) "
Amos
_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 7/02/2015 7:51 p.m., Priya Agarwal wrote:
> Actually I am unable to mail to squid-dev. Thus asking here.
> How/where does squid open the network interface and starts
> listening on them.
>
I already went over how Squid only goes down to the TCP s
I did when you sent it but it seemed to me you were saying I should add
that "reply_header_access Alternate-Protocol deny all" config parameter
but, on the other hand, I didn't understand why were you suggesting that,
seeing that my problem is that Chrome doesn't go through my proxy at all!
(I'm do
Hey Stefano,
Can you get some access.log output from the time the issue appears\happens?
Eliezer
On 06/02/2015 15:01, Stefano Ansaloni wrote:
Tested with icap disabled: the issue still there.
___
squid-users mailing list
squid-users@lists.squid-ca
Hi all,
I have a question about the CA file for SSL certificates. If I don't
specify anything for CA, what is default CA certs that squid will use for
the cache_peer ?
Here is a snippet of my config file.
https_port 127.0.0.1:4443 accel \
cert=/etc/certs/certificate \
key=/etc/certs/key
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You need openssl CA's bundle.
Which can be specify with capath= parameter.
08.02.2015 2:28, Hector Chan пишет:
> Hi all,
>
> I have a question about the CA file for SSL certificates. If I don't
specify anything for CA, what is default CA certs tha
I'm getting some "kid registration timed out" messages sometimes
Squid 3.5.1
Specially in servers with 6 workers and 6 cache discs (Each worker has a
cache_dir in each disc for IO balancing)
If I use only 4 discs the problem disapears.
The error appears about 7 seconds after starting squid.
Th
On 8/02/2015 5:34 a.m., Luis Miguel Silva wrote:
> I did when you sent it but it seemed to me you were saying I should add
> that "reply_header_access Alternate-Protocol deny all" config parameter
> but, on the other hand, I didn't understand why were you suggesting that,
> seeing that my problem i
On 8/02/2015 9:28 a.m., Hector Chan wrote:
> Hi all,
>
> I have a question about the CA file for SSL certificates. If I don't
> specify anything for CA, what is default CA certs that squid will use for
> the cache_peer ?
The ones OpenSSL is configured to use.
>
> Here is a snippet of my config
Ok, I'm using 3.4.9, so I've added that config option to my setup :o)
Thanks for the tip!
Luis
On Sat, Feb 7, 2015 at 6:11 PM, Amos Jeffries wrote:
> On 8/02/2015 5:34 a.m., Luis Miguel Silva wrote:
> > I did when you sent it but it seemed to me you were saying I should add
> > that "reply_head
Yuri and Amos, thanks for the replies! There is an openssl command that
tells where OpenSSL will search for CA certs.
$ openssl version -d
OPENSSLDIR: "/etc/pki/tls"
On Sat, Feb 7, 2015 at 5:19 PM, Amos Jeffries wrote:
> On 8/02/2015 9:28 a.m., Hector Chan wrote:
> > Hi all,
> >
> > I have a
FYI, I finally solved my problem!
It turns out the problem was with PRE-ESTABLISHED connections...
In other words, when I turned on my transparent rules, any Chrome tabs I
had opened BEFORE turning on my transparent proxy rules, apparently would
communicate over a previously opened socket! So the
13 matches
Mail list logo
