Re: [squid-users] OWA on Exchange 2003 proxy

From: Alan Lehman <[email protected]>
Date: Mon, 08 Mar 2004 22:43:27 -0600

Henrik Nordstrom wrote:
> On Fri, 31 Oct 2003, Jonathan Giles wrote:
>
>
>>1067612977.854 22 10.1.16.100 TCP_MISS/400 262 GET
>>https://owa.clinedavis.com/exchange -
>>FIRST_UP_PARENT/owa.clinedavis.com text/html
>>
>>TCP_MISS means that the page wasn't in the cache, so I should just
>>ignore it right?
>
>
> Right.. but the /400 code indicates a fatal error returned by the
> contacted server.
>
> Try specifying the OWA Server by IP address in your cache_peer directive.
> I think that your Squid for some reason is talking to itself instead of
> the owa server in this configuration.
>
>
>>>Note: You do not need to specify the server by name in cache_peer.
>>>Using
>>>IP addresses is fine here.
>>
>>but the name should work right?
>
>
> Yes.
>
> Regards
> Henrik

I am seeing this same problem with the following config. My OWA server listens for http connections on port 80. I want the clients
to connect to squid with https on port 443.

etc/squid.conf:
https_port 443 cert=/etc/openssl/cacert.pem key=/etc/openssl/privkey.pem defaultsite=owa.gbutler.com
cache_peer w.x.y.z parent 80 0 no-query front-end-https=on

etc/hosts:
w.x.y.z owa.gbutler.com

result:
Bad Request (Invalid URL)
1078805575.510 6 65.26.58.221 TCP_MISS/400 253 GET https://owa.gbutler.com/exchange/ - FIRST_UP_PARENT/w.x.y.z text/html

If I add 'login=pass' to cache_peer, I get the same result:
1078805481.996 6 65.26.58.221 TCP_MISS/400 253 GET https://owa.gbutler.com/exchange/ - FIRST_UP_PARENT/w.x.y.z text/html

If I add 'originserver' to cache_peer, then it prompts for a login, but will not authenticate:
1078805391.337 3 65.26.58.221 TCP_MISS/401 402 GET https://owa.gbutler.com/exchange/ - FIRST_UP_PARENT/w.x.y.z text/html

It seems to work fine if I configure for http clients on port 80.
Do I need to do something else to use https clients with OWA on http?

Thanks,
Alan Lehman
Received on Mon Mar 08 2004 - 21:45:19 MST

This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:02 MST