[squid-users] https --> http reverse proxy problem

From: Mirabello Massimiliano <[email protected]>
Date: Tue, 1 Apr 2008 17:55:51 +0200

Hi all,

I have a problem with squid in reverse proxy mode (squid-2.6.STABLE16 on
HP-UX).
I need to redirect an https port on squid server to a http port on the
backend server
that's my configuration:

###########################
acl Safe_ports port 37500-37501
acl xprov0_sec myport 37500
acl xprov0_unsec myport 37501

http_port 37501 accel defaultsite=ipahu016
https_port 37500 cert=/opt/hpws/apache/conf/ipahu016.crt
key=/opt/hpws/apache/conf/ipahu016.key protocol=http accel
defaultsite=ipahu016
#[...]

cache_peer cmapache parent 27500 0 name=xprov0 proxy-only
originserver
cache_peer cmapache parent 27501 0 name=xprov1 proxy-only
originserver

#[...]

cache_peer_access xprov0 allow xprov0_sec mynet
cache_peer_access xprov1 allow xprov0_unsec mynet

#[...]
visible_hostname ipahu016
#[...]
########################

Squid redirect correctly http port (37501) to 27501,while I can't open
https://ipahu016:37500.

My cache.log reports:
2008/04/01 17:53:50| clientNegotiateSSL: Error negotiating SSL
connection on FD 11: error:140B512D:SSL routines:SSL_GET_NEW_SESSION:ssl
session id callback failed (1/-1)

I searched on squid mailing lists for a while but found nothing.

Any hint, please?

Thanks in advance,
Massimiliano

Internet Email Confidentiality Footer
-----------------------------------------------------------------------------------------------------
La presente comunicazione, con le informazioni in essa contenute e ogni documento o file allegato, e' rivolta unicamente alla/e persona/e cui e' indirizzata ed alle altre da questa autorizzata/e a riceverla. Se non siete i destinatari/autorizzati siete avvisati che qualsiasi azione, copia, comunicazione, divulgazione o simili basate sul contenuto di tali informazioni e' vietata e potrebbe essere contro la legge (art. 616 C.P., D.Lgs n. 196/2003 Codice in materia di protezione dei dati personali). Se avete ricevuto questa comunicazione per errore, vi preghiamo di darne immediata notizia al mittente e di distruggere il messaggio originale e ogni file allegato senza farne copia alcuna o riprodurne in alcun modo il contenuto.

This e-mail and its attachments are intended for the addressee(s) only and are confidential and/or may contain legally privileged information. If you have received this message by mistake or are not one of the addressees above, you may take no action based on it, and you may not copy or show it to anyone; please reply to this e-mail and point out the error which has occurred.
-----------------------------------------------------------------------------------------------------
Received on Tue Apr 01 2008 - 10:13:47 MDT

This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:03 MDT