Re: [squid-users] squid 5.7: can't access https://www.ilo.org/global/lang--en/index.htm with enabled sslbump, without sslbump it works

2022-11-14 Thread Alex Rousskov

On 11/14/22 07:12, Dieter Bloms wrote:

> I've increased the debuglevel, but can't find any reason, why squid
> responds with ERR_INVALID_RESP.

HTTP/1.1 200 OK
Server: Oracle-Application-Server-11g
Transfer-Encoding: chunked
Via: 1.1 www.ilo.org
Transfer-Encoding: chunked


The above (abridged) response is malformed because it has two 
Transfer-Encoding headers signalling "chunked, chunked" transfer 
encoding. The proxy and/or the origin server your Squid is talking to is 
broken.


Modern Squids reject such messages because they are known to be used for 
cache poisoning and other security breaches. There is no official 
workaround (yet).



HTH,

Alex.

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
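
The framing check described in the reply above, as an added example that is not part of the original thread and is not Squid's code: it combines repeated Transfer-Encoding field lines into one coding list and reports a repeated "chunked". It goes one step beyond the thread by also flagging Content-Length sent together with Transfer-Encoding; the function names and the sample bytes are constructed for illustration.

```python
# Added example (not Squid code): detect ambiguous HTTP/1.1 message framing.
SAMPLE = (  # constructed from the abridged response quoted in the thread
    b"HTTP/1.1 200 OK\r\n"
    b"Server: Oracle-Application-Server-11g\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"Via: 1.1 www.ilo.org\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
)

def header_fields(head):
    """Parse the header block into (lowercase name, value) pairs, in order."""
    lines = head.split(b"\r\n\r\n", 1)[0].split(b"\r\n")[1:]  # skip status line
    fields = []
    for line in lines:
        name, sep, value = line.partition(b":")
        if sep:
            fields.append((name.strip().lower().decode("latin-1"),
                           value.strip().decode("latin-1")))
    return fields

def transfer_codings(fields):
    """Repeated field lines are equivalent to one comma-separated list."""
    codings = []
    for name, value in fields:
        if name == "transfer-encoding":
            codings += [c.strip().lower() for c in value.split(",") if c.strip()]
    return codings

def framing_problems(head):
    fields = header_fields(head)
    codings = transfer_codings(fields)
    problems = []
    if codings.count("chunked") > 1:
        # A sender must not apply chunked more than once to a message body.
        problems.append("chunked applied more than once: " + ", ".join(codings))
    if codings and any(name == "content-length" for name, _ in fields):
        # Two framing signals: parsers may disagree on where the body ends.
        problems.append("Content-Length sent together with Transfer-Encoding")
    return problems

if __name__ == "__main__":
    for problem in framing_problems(SAMPLE):
        print("MALFORMED:", problem)
```
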


Re: [squid-users] squid 5.7: can't access https://www.ilo.org/global/lang--en/index.htm with enabled sslbump, without sslbump it works

2022-11-14 Thread Dieter Bloms
Hello Amos,

On Sat, Nov 12, Amos Jeffries wrote:

> On 12/11/2022 2:49 am, Dieter Bloms wrote:
> > Hello,
> > 
> > I'm using squid 5.7 with enabled sslbump and can't reach the website 
> > https://www.ilo.org/global/lang--en/index.htm
> > I get an error of type ERR_INVALID_RESP, but when I disable sslbump the
> > webcontent is shown in the browser.
> > 
> > Can anybody confirm this and can tell me what causes this problem ?
> 
> TLS is complicated. SSL-Bump even more so. It is unlikely everyone else has
> exactly the same things occurring, even if they have the same squid.conf
> settings.
> 
> You need to look at what the ERR_INVALID_RESP actually says is wrong with
> the server response.
> Then check Squid cache.log. You may need to set "debug_options 11,2" to get a
> trace of the HTTP messages and see what is going on.

Thank you for your reply!
I've increased the debuglevel, but can't find any reason, why squid
responds with ERR_INVALID_RESP.

Maybe someone with more knowledge can find the reason in the cache.log.
It can be found here: https://bloms.de/download/cache.log.gz


-- 
Regards

  Dieter

--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
From field.


Re: [squid-users] squid 5.7: can't access https://www.ilo.org/global/lang--en/index.htm with enabled sslbump, without sslbump it works

2022-11-11 Thread Amos Jeffries

On 12/11/2022 2:49 am, Dieter Bloms wrote:

> Hello,
> 
> I'm using squid 5.7 with enabled sslbump and can't reach the website 
> https://www.ilo.org/global/lang--en/index.htm
> I get an error of type ERR_INVALID_RESP, but when I disable sslbump the
> webcontent is shown in the browser.
> 
> Can anybody confirm this and can tell me what causes this problem ?

TLS is complicated. SSL-Bump even more so. It is unlikely everyone else 
has exactly the same things occurring, even if they have the same 
squid.conf settings.

You need to look at what the ERR_INVALID_RESP actually says is wrong 
with the server response.
Then check Squid cache.log. You may need to set "debug_options 11,2" to 
get a trace of the HTTP messages and see what is going on.


HTH
Amos


[squid-users] squid 5.7: can't access https://www.ilo.org/global/lang--en/index.htm with enabled sslbump, without sslbump it works

2022-11-11 Thread Dieter Bloms
Hello,

I'm using squid 5.7 with enabled sslbump and can't reach the website 
https://www.ilo.org/global/lang--en/index.htm
I get an error of type ERR_INVALID_RESP, but when I disable sslbump the
webcontent is shown in the browser.

Can anybody confirm this and can tell me what causes this problem ?


-- 
Regards

  Dieter

--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
From field.