[squid-users] need help with cachemgr
Hello need help with cachemgr, I using a squid as a reverse proxy mode, when I try to connect to retrive data using squidclient, connecting to cachemrg, only retrive squid OK, but the other values HIT, http request, etc, that ara usually retrived are not retrived. My case when I to try connect: squidclient -vv cache_object://localhost/ mgr:info -p 1084 verbosity level set to 2 Request: GET 1084 HTTP/1.0 User-Agent: squidclient/3.5.12 Accept: */* Connection: close . Transport detected: IPv4-only Resolving localhost ... Connecting... localhost (127.0.0.1:1084) Connected to: localhost (127.0.0.1:1084) Sending HTTP request ... done. verbosity level set to 2 Request: GET 1084 HTTP/1.0 User-Agent: squidclient/3.5.12 Accept: */* Connection: close . Transport detected: IPv4-only Resolving localhost ... Connecting... localhost (127.0.0.1:1084) Connected to: localhost (127.0.0.1:1084) Sending HTTP request ... done. Allways finish on --> "done" and not continue, do nothing The test that are trying is local not remote. regards. Juan Manuel. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] need help with cachemgr
On 11/27/18 6:13 AM, jmperrote wrote: > Hello need help with cachemgr, I using a squid as a reverse proxy mode, > when I try to connect to retrive data using squidclient, connecting to > cachemrg, only retrive squid OK, but the other values HIT, http request, > etc, that ara usually retrived are not retrived. > > My case when I to try connect: > > squidclient -vv cache_object://localhost/ mgr:info > -p 1084 Place all named options before the anonymous ones and use one (pseudo) URL at a time: squidclient -vv -p 1084 cache_object://localhost/ squidclient -vv -p 1084 mgr:info Alex. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] need help with cachemgr
On 11/28/18 4:59 AM, jmperrote wrote: > This is the new error that I have when I tried to squidclint via https + > certicicate. You have many different problems. Problem 0: You are not responding on the mailing list. Please keep this thread on the mailing list so that others can benefit from this triage and so that others can help you. Problem 1: You seem to ignore errors and warnings that you can fix on your own. Please fix the ones you can fix before asking for help with the remaining problems. When asking for help, explain what you think each remaining warning/error means, and why you cannot fix that problem. This approach shows that you invest serious effort into making this work rather than simply abusing the mailing list as a free replacement for a system administrator. Problem 2: > squidclient -vvv --https --cert /soporte/ssl/educacion.crt -h 10.0.0.4 -p > 1084 mgr:info The --cert option specifies a TLS client certificate. Your reverse proxy, AFAICT, does not use client certificates. Remove that option. See "man squidclient" for details about each option you use. Problem 3: > WARNING: Failed to load Certificate from /soporte/ssl/educacion.crt I do not know what went wrong here because you have not provided any relevant information like whether the file is actually there and can be read by the user squidclient runs as. Problem 4: > X.509 TLS handshake ... > VERIFY DATUM: The certificate is NOT trusted. The certificate issuer is > unknown. The name in the certificate does not match the expected. > WARNING: Insecure Connection Looks self-explanatory to me: Your squidclient does not trust the server certificate used by your reverse proxy. You may need to either * use a --trusted-ca option or * configure your TLS library environment to always trust the CA that signed the https_port certificate of your reverse proxy. Problem 5: > HTTP/1.1 401 Unauthorized > X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 > WWW-Authenticate: Basic realm=... Your reverse proxy requires HTTP client authentication. Depending on your needs, you should either * adjust your Squid http_access rules to disable authentication for cache manager requests or * give a valid username and password to squidclient (search "man squidclient" manual page for "authentication" and "WWW" to discover the right options). Potential problem 6: This may not be relevant to you, but please note that Squid Cache Manager does not yet support secure queries when Squid is running in SMP mode. For details, please see https://wiki.squid-cache.org/Features/CacheManager#Secure_SMP_reports HTH, Alex. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
