Hi Squid Users, with Squid 4.6 I cannot open these 2 domains when SSL bump is enabled:
https://www.hays.de https://www.plantronics.com Both are showing me a different type of error, details below. I could not find any HPKP site or subdomain there, so I guess Squid has another problem with this domains. Can somebody explain me how I should debug that correctly, to open a bugreport? ### Bump Settings: acl domains_dont_sslbump ssl::server_name_regex "/etc/squid/ka/domains_dont_sslbump.acl" acl domains_dont_sslbump ssl::server_name_regex "/etc/squid/blacklists/blacklist_ut1/blacklists/bank/domains" acl domains_dont_sslbump ssl::server_name_regex "/etc/squid/blacklists/blacklist_shallalist/BL/finance/banking/domains" acl domains_dont_sslbump ssl::server_name_regex "/etc/squid/blacklists/blacklist_shallalist/BL/finance/other/domains" http_port proxy02:8080 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/certs/cert.pem key=/etc/squid/certs/key.ohnersa.pem sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB always_direct allow all acl step1 at_step SslBump1 ssl_bump peek step1 ssl_bump bump all !domains_dont_sslbump #### hays.de: 1555577795.968 1 172.16.x.x TCP_DENIED/407 4995 GET http://hays.de/ - HIER_NONE/- text/html 1555577796.067 63 172.16.x.x TCP_MISS/301 465 GET http://hays.de/ user1 HIER_DIRECT/149.126.72.70 - 1555577796.083 0 172.16.x.x TCP_DENIED/407 4124 CONNECT hays.de:443 - HIER_NONE/- text/html 1555577796.101 1 172.16.x.x TCP_DENIED/407 4460 CONNECT hays.de:443 - HIER_NONE/- text/html 1555577796.202 86 172.16.x.x NONE/200 0 CONNECT hays.de:443 user1 HIER_DIRECT/149.126.72.70 - 1555577796.302 15 172.16.x.x TCP_MISS/301 345 GET https://hays.de/ user1 HIER_DIRECT/149.126.72.70 - 1555577796.320 0 172.16.x.x TCP_DENIED/407 4140 CONNECT www.hays.de:443 - HIER_NONE/- text/html 1555577796.333 1 172.16.x.x TCP_DENIED/407 4476 CONNECT www.hays.de:443 - HIER_NONE/- text/html 1555577796.507 158 172.16.x.x NONE/200 0 CONNECT www.hays.de:443 user1 HIER_DIRECT/149.126.77.70 - 1555577796.602 30 172.16.x.x TCP_MISS_ABORTED/000 0 GET https://www.hays.de/ user1 HIER_DIRECT/149.126.77.70 - Error displayed on https://www.hays.de (from the Browser Chrome/or Firefox): Chrome: ERR_EMPTY_RESPONSE Firefox: Secure Connection Failed // An error occurred during a connection to www.hays.de. // The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. // Please contact the website owners to inform them of this problem. Header Response while this error message is displayed: HTTP/1.1 200 Connection established Server: squid Mime-Version: 1.0 Date: Thu, 18 Apr 2019 09:05:28 GMT Content-Type: text/html;charset=utf-8 Content-Length: 3759 X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 Proxy-Authenticate: NTLM VNTUAACAAAADAAMAD(...) X-Cache: MISS from proxy02 X-Cache-Lookup: NONE from proxy02:8080 Via: 1.1 proxy02 (squid) Connection: keep-alive #### plantronics.com 1555577912.476 391 172.16.x.x TCP_MISS/301 869 GET http://plantronics.com/ user1 HIER_DIRECT/198.231.10.19 text/html 1555577912.514 0 172.16.x.x TCP_DENIED/407 4172 CONNECT www.plantronics.com:443 - HIER_NONE/- text/html 1555577912.529 1 172.16.x.x TCP_DENIED/407 4508 CONNECT www.plantronics.com:443 - HIER_NONE/- text/html 1555577912.864 324 172.16.x.x NONE/200 0 CONNECT www.plantronics.com:443 user1 HIER_DIRECT/54.192.94.216 - 1555577913.564 521 172.16.x.x TCP_MISS/403 745 GET https://www.plantronics.com/ user1 HIER_DIRECT/54.192.94.216 text/html Error displayed on frontpage https://www.plantronics.com (from their Apache or Nginx): Forbidden You don't have permission to access /.noindex.html on this server.
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
