Try removing: cipher=ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:AES128-SHA:RC4-SHA:HIGH:!aNULL:!MD5:!ADH
From the ssl-bump line and see what happens. ---- http://ngtech.co.il/lmgtfy/ Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Sameh Onaissi Sent: Thursday, January 12, 2017 11:10 PM To: squid-users@lists.squid-cache.org Subject: [squid-users] A bunch of SSL errors I am not sure why System info: Squid Cache: Version 3.5.22 Ubuntu linux 16.04 Hello, Last couple of days I have started seeing SSL errors in my cache.log which I don’t really understand: http://pastebin.com/mDHVm7cQ My SSL bump configs: http_port 3127 intercept http_port 3128 https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_certs/squid.crt key=/etc/squid/ssl_certs/squid.key cipher=ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:AES128-SHA:RC4-SHA:HIGH:!aNULL:!MD5:!ADH acl step1 at_step SslBump1 acl step2 at_step SslBump2 acl step3 at_step SslBump3 ssl_bump peek step1 all ssl_bump bump all I have tried deleting /var/lib/ssh_db and recreating a fresh one, restarted squid, and no luck. While the service still works fine, some websites like https://web.dlinkla.com/websys were showing a handshake error until I added the site IP into a bypass list. The internet speed also drops every now and then due to this. Any help is appreciated with these errors. Thanks, Sam _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
