TLDR Skip to ----------
I have squid 3.5.7 installed on linux with the following configure options:
'--build=arm-linux-gnueabihf' '--prefix=/usr' '--localstatedir=/var'
'--libexecdir=/usr/lib/squid' '--srcdir=.' '--datadir=/usr/share/squid'
'--sysconfdir=/etc/squid' '--with-default-user=proxy' '--with-logdir=/var/log'
'--with-pidfile=/var/run/squid.pid' '--enable-ssl' '--with-openssl'
'--enable-ssl-crtd' '--enable-delay-pools'
'--enable-external-acl-helpers=session' 'build_alias=arm-linux-gnueabihf'
I have the following ports assigned in squid.conf:
http_port 3129
http_port 3128 intercept
https_port 3130 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/etc/squid/myCA.pem
I also have IPTables redirecting port 443 traffic to port 3130 and port 80
traffic to 3128
For port 80 HTTP traffic the proxy works fine pages load except blocked ones
which the proxy successfully replaces which blocked message
Port 443 HTTPS traffic is successfully bumped by squid and the certificate is
replaced with the dynamically generated one.
----------
HOWEVER
The page squid serves over the browser-squid tunnel is the ERR_DNS_FAIL error
page with the %H hostname template code evaluated to 'http' (without quotes)
Also in the cache.log the following message appears after every HTTPS request
FATAL: Unable to open HTTPS Socket
Nothing else is using the 3130 port as when I stop squid I am able to run a web
server off this port (no it *definitely* isn't the web server using the port I
just started it as a test)
I have no clue what is wrong. Please Help!! Thank you!
_______________________________________________
squid-users mailing list
[email protected]
http://lists.squid-cache.org/listinfo/squid-users
