Re: [squid-users] iOS 10.x, https and squid
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 02.11.2016 0:47, Eugene M. Zheganin пишет: > Hi. > > Does anyone have issues with iOS 10.x devices connecting through proxy (3.5.x) to the https-enabled sites ? Because I do. Non-https sites work just fine, but https ones just stuck on loading. First I thought that this is a problem with sslBump and disabled it, but this didn't help. I got in access log this: > > 1478024222.324 48 192.168.243.10 TCP_DENIED/407 4388 CONNECT www.cisco.com:443 - HIER_NONE/- text/html > 1478024222.373 0 192.168.243.10 TCP_DENIED/407 4649 CONNECT www.cisco.com:443 - HIER_NONE/- text/html > 1478024222.468 53 192.168.243.10 TCP_TUNNEL/200 0 CONNECT www.cisco.com:443 emz HIER_DIRECT/2a02:26f0:18:185::90 - > > and when requesting http version: > > 1478024355.685 69 192.168.243.10 TCP_MISS/200 14297 GET http://www.cisco.com/ emz HIER_DIRECT/2a02:26f0:18:19e::90 text/html > 1478024355.885 47 192.168.243.10 TCP_MISS/304 335 GET http://www.cisco.com/etc/designs/cdc/clientlibs/responsive/css/cisco-sans.min.css emz HIER_DIRECT/2a02:26f0:18:19e::90 text/css > 1478024355.910 45 192.168.243.10 TCP_REFRESH_UNMODIFIED/304 341 GET http://players.brightcove.net/1384193102001/NJgI8K0ie_default/index.min.js emz HIER_DIRECT/2.22.40.126 application/javascript > 1478024355.942 0 192.168.243.10 TCP_DENIED/407 6611 GET http://www.cisco.com/etc/designs/catalog/ps/clientlib-all/custom-fonts/cisco-sans.min.css - HIER_NONE/- text/html > 1478024355.969 60 192.168.243.10 TCP_MISS/304 335 GET http://www.cisco.com/etc/designs/catalog/ps/clientlib-all/css/cisco-sans.min.css emz HIER_DIRECT/2a02:26f0:18:19e::90 text/css > > [...lots of other access stuff...] > > Some may think "dude, you just misconfigured your squid". But the thing is, other browsers just work (and I don't have MacBook to test if laptops will), I have a couple of iPhones, they don't work. Funny thing: with disabled authentication (when my iphone IP is allowed) the browser on iOS loads https sites just fine. Use interception proxy, Luke :) For iPhones :) > > Thanks. > > Eugene. > > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users - -- Cats - delicious. You just do not know how to cook them. -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJYGOkcAAoJENNXIZxhPexGmOUH/1zTdrYouHq0Ca+34IWSz07k gP3bPhOWSnjIDmdI0emWmexzYyPeazLnLau7PwZ4EBwgAKgfZAADYCBtQt+B9ZKz 4zr1ETnV3QSYmd3RVt++BF1FyPiyexYDlvWuxkLrMOFm0E3V4gr786eaP872rhuN RehPQMcGLahI440/KyCR+pxHd030qo6zWOHf+V1E2W+bkCOrQQAUjAe5rySbZHD1 x71kr3OeIptmt89Q9F9GuXLwtiUS+okbcIzVv6xT48RNAz1h7WEA6gqMYyJRxeqZ 2BSOlQ7ehj411KPNM1ipzP0CrCrfC+M5Qr0bpKZ4gsZOlKHxgOBLR5tC4aVyqlQ= =hT2y -END PGP SIGNATURE- 0x613DEC46.asc Description: application/pgp-keys ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] iOS 10.x, https and squid
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 02.11.2016 0:47, Eugene M. Zheganin пишет: > Hi. > > Does anyone have issues with iOS 10.x devices connecting through proxy (3.5.x) to the https-enabled sites ? Because I do. Non-https sites work just fine, but https ones just stuck on loading. First I thought that this is a problem with sslBump and disabled it, but this didn't help. I got in access log this: > > 1478024222.324 48 192.168.243.10 TCP_DENIED/407 4388 CONNECT www.cisco.com:443 - HIER_NONE/- text/html > 1478024222.373 0 192.168.243.10 TCP_DENIED/407 4649 CONNECT www.cisco.com:443 - HIER_NONE/- text/html > 1478024222.468 53 192.168.243.10 TCP_TUNNEL/200 0 CONNECT www.cisco.com:443 emz HIER_DIRECT/2a02:26f0:18:185::90 - > > and when requesting http version: > > 1478024355.685 69 192.168.243.10 TCP_MISS/200 14297 GET http://www.cisco.com/ emz HIER_DIRECT/2a02:26f0:18:19e::90 text/html > 1478024355.885 47 192.168.243.10 TCP_MISS/304 335 GET http://www.cisco.com/etc/designs/cdc/clientlibs/responsive/css/cisco-sans.min.css emz HIER_DIRECT/2a02:26f0:18:19e::90 text/css > 1478024355.910 45 192.168.243.10 TCP_REFRESH_UNMODIFIED/304 341 GET http://players.brightcove.net/1384193102001/NJgI8K0ie_default/index.min.js emz HIER_DIRECT/2.22.40.126 application/javascript > 1478024355.942 0 192.168.243.10 TCP_DENIED/407 6611 GET http://www.cisco.com/etc/designs/catalog/ps/clientlib-all/custom-fonts/cisco-sans.min.css - HIER_NONE/- text/html > 1478024355.969 60 192.168.243.10 TCP_MISS/304 335 GET http://www.cisco.com/etc/designs/catalog/ps/clientlib-all/css/cisco-sans.min.css emz HIER_DIRECT/2a02:26f0:18:19e::90 text/css > > [...lots of other access stuff...] > > Some may think "dude, you just misconfigured your squid". But the thing is, other browsers just work (and I don't have MacBook to test if laptops will), I have a couple of We also do not have iPhones and :) > iPhones, they don't work. Funny thing: with disabled authentication (when my > iphone IP is allowed) the browser on iOS loads https sites just fine. > > Thanks. > > Eugene. > > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users - -- Cats - delicious. You just do not know how to cook them. -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJYGOi/AAoJENNXIZxhPexGUTIH/07rehBiBwbNEhI29vLgyYYq 06SMhJawgucwxnjtXZ9MO+wSDFoghEVmp9Kl6JoyBfZym6sGPvm/ARUNAtxLOQzc bonDAKyM5w95/QymBPe3M2P/xOTMyq69HZxfrS3JFduYWNqnbO5IZz6ssnt5bp4t 7eQ1qRZJCdtzWRGh2wPu00NwNhdlweZrN/IeG9pFcr3j0ib1BGngCEiaKqoBGGLw la1Ne+FT38eGMmvYH19znxg/as1QgLzh9V8CDYN15+HQS3vtfWyVvs0p3Fvs/V95 PU1HUv5WQmjKNq7EDM6UpG6rnizbrug1iyoQGLsnOJ/F0MW74Za3CJp0eiUVgP0= =fN0v -END PGP SIGNATURE- 0x613DEC46.asc Description: application/pgp-keys ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] iOS 10.x, https and squid
Hi. Does anyone have issues with iOS 10.x devices connecting through proxy (3.5.x) to the https-enabled sites ? Because I do. Non-https sites work just fine, but https ones just stuck on loading. First I thought that this is a problem with sslBump and disabled it, but this didn't help. I got in access log this: 1478024222.324 48 192.168.243.10 TCP_DENIED/407 4388 CONNECT www.cisco.com:443 - HIER_NONE/- text/html 1478024222.373 0 192.168.243.10 TCP_DENIED/407 4649 CONNECT www.cisco.com:443 - HIER_NONE/- text/html 1478024222.468 53 192.168.243.10 TCP_TUNNEL/200 0 CONNECT www.cisco.com:443 emz HIER_DIRECT/2a02:26f0:18:185::90 - and when requesting http version: 1478024355.685 69 192.168.243.10 TCP_MISS/200 14297 GET http://www.cisco.com/ emz HIER_DIRECT/2a02:26f0:18:19e::90 text/html 1478024355.885 47 192.168.243.10 TCP_MISS/304 335 GET http://www.cisco.com/etc/designs/cdc/clientlibs/responsive/css/cisco-sans.min.css emz HIER_DIRECT/2a02:26f0:18:19e::90 text/css 1478024355.910 45 192.168.243.10 TCP_REFRESH_UNMODIFIED/304 341 GET http://players.brightcove.net/1384193102001/NJgI8K0ie_default/index.min.js emz HIER_DIRECT/2.22.40.126 application/javascript 1478024355.942 0 192.168.243.10 TCP_DENIED/407 6611 GET http://www.cisco.com/etc/designs/catalog/ps/clientlib-all/custom-fonts/cisco-sans.min.css - HIER_NONE/- text/html 1478024355.969 60 192.168.243.10 TCP_MISS/304 335 GET http://www.cisco.com/etc/designs/catalog/ps/clientlib-all/css/cisco-sans.min.css emz HIER_DIRECT/2a02:26f0:18:19e::90 text/css [...lots of other access stuff...] Some may think "dude, you just misconfigured your squid". But the thing is, other browsers just work (and I don't have MacBook to test if laptops will), I have a couple of iPhones, they don't work. Funny thing: with disabled authentication (when my iphone IP is allowed) the browser on iOS loads https sites just fine. Thanks. Eugene. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
