[squid-users] Question Regarding Squid Parent SSL

From: Christian Keil <[email protected]>
Date: Sat, 7 Jul 2007 15:16:25 +0200

Hello,

I was trying to get my Local Lan Squid Proxy to connect trough SSL to
my dedicated Server on the internet.

I have set it up as parent proxy in my squid.conf on my lan by adding :

cache_peer externalserverip parent 8080 3130 default ssl
sslcert=/etc/ssl/squid.crt sslkey=/etc/ssl/squid.key sslversion=1
I created the squid.crt & squid.key by myself.

on the external machine I have added:

https_port 8080 cert=/etc/ssl/squid.pem version=1

I have double chceked that the squid user is able to read
squid.crt/squid.key & squid.pem

My logfiles show the following:

Local-Net:
1183806725.866 76 10.224.208.81 TCP_MISS/503 1658 GET
http://www.google.de/ - NONE/- text/html
1183806728.094 1420 10.224.208.81 TCP_MISS/503 1475 GET
http://www.google.de/ - ANY_PARENT/externalserverip text/html
1183806751.594 0 10.224.208.81 TCP_MISS/503 1658 GET
http://www.google.de/ - NONE/- text/html
1183806753.553 1245 10.224.208.81 TCP_MISS/503 1475 GET
http://www.google.de/ - ANY_PARENT/externalserverip text/html
1183806754.371 0 10.224.208.81 TCP_MISS/503 1658 GET
http://www.google.de/ - NONE/- text/html
1183806756.203 1389 10.224.208.81 TCP_MISS/503 1475 GET
http://www.google.de/ - ANY_PARENT/externalserverip text/html

Remote-Squid:
1183813893.412 0 homeip UDP_MISS/000 42 ICP_QUERY
http://www.google.de/ - NONE/- -
1183813895.432 0 homeip UDP_MISS/000 205 ICP_QUERY
http://sb.google.com/safebrowsing/update?client=navclient-auto-ffox&appver=2.0.0.4&version=goog-white-domain:1:23,goog-white-url:1:371,goog-black-url:1:12236,goog-black-enchash:1:28736
- NONE/- -
1183813917.852 0 homeip UDP_MISS/000 42 ICP_QUERY
http://www.google.de/ - NONE/- -
1183813918.852 0 homeip UDP_MISS/000 42 ICP_QUERY
http://www.google.de/ - NONE/- -
1183813921.252 0 homeip UDP_MISS/000 42 ICP_QUERY
http://www.google.de/ - NONE/- -
1183813926.912 0 homeip UDP_MISS/000 44 ICP_QUERY
http://ocsp.thawte.com/ - NONE/- -

The Browser shows the following error :

While trying to retrieve the URL: http://www.google.de/

The following error was encountered:
Connection to parentproxyip Failed

The system returned: (71) Protocol error

The remote host or network may be down. Please try the request again.

Your cache administrator is root
 ________________________________
  Generated Sat, 07 Jul 2007 11:12:36 GMT by hera.localnet.corp
(squid/2.6.STABLE13)

Thanks for any help.

Kind Regards

Christian Keil
Received on Mon Jul 09 2007 - 01:31:28 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:03 MDT