Re: [squid-users] transparent proxy https and self signed certificate error

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 5/10/2014 7:30 p.m., Jason Haar wrote: > On 05/10/14 18:44, Amos Jeffries wrote: >> PS. Google with Chrome appear these days to be the champions of >> unbreakable TLS, their software is continually being updated to >> use/invent new TLS features t

Re: [squid-users] transparent proxy https and self signed certificate error

Hello Robert, Just my two cents - if you remove or comment out the sslproxy_cert_error allow all sslproxy_flags DONT_VERIFY_PEER from squid config - may it be that squid starts complaining - "cannot get cert issues locally" on the google sites? Rafael. From: Robert Watson mailto:rob...@gil

Re: [squid-users] Best OS for latest squid

Thanks! What is the recommendation on packages vs building from source? On Sun, Oct 5, 2014 at 12:31 AM, Amos Jeffries wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 5/10/2014 4:49 p.m., Douglas Davenport wrote: > > I'm starting from scratch with an AWS based squid setup, I woul

Re: [squid-users] Best OS for latest squid

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey Douglas, CentOS 6 is a nice OS and I am releasing RPMs for it(now 3.4.8 out). If you are using AWS they have a modified version of CentOS\RH which they update and kind of support. Self compiled for a cloud based machine to me seems a bit weird bu

[squid-users] RPM Packages

This question is probably specifically for Eliezer. My question is this, On the RPM repository at http://www1.ngtech.co.il/rpm/ There is an RPM package for version 3.4.5 for Oracle Linux 6. I installed this a few months ago when I was preparing to go live with a new Squid instance and now after a

Re: [squid-users] transparent proxy https and self signed certificate error

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/2014 01:22 PM, Amos Jeffries wrote: > MSIE 11 seems to be growing in popularity for some reason ;-) > > Amos And Still there is: http://bugs.squid-cache.org/show_bug.cgi?id=4115 For now I am using ssl_crtd of 3.4.5 for google ssl bump to wo

Re: [squid-users] RPM Packages

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey John, OEL 6 and CentOS 6 are different enough to not be 100% compatible. I cannot compare their DataBase but they are very similar so much that almost none of their users will see the differences. I would not recommend using 3.4.8 RPM for CentOS

Re: [squid-users] Best OS for latest squid

N¬ŠÆ¦º[b¥ªí™ë,j¢œÂú+™«

Re: [squid-users] RPM Packages

Eliezer It would be be great if you could manage to do a build 64bit OEL 6 build this week, but I understand you will be under great time pressure, so I will also try and perform a build from the SRPM this week also... However I don't think I've ever successfully made a build from an SRPM before,

[squid-users] Encapsulating proxy requests thru a proxy

Hi guys I have a need to encapsulate proxy requests thru a proxy, like the ProxyRemote directive in Apache mod_proxy: http://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxyremote http://www.xinotes.net/notes/note/980/ As I'm familiar with Squid, I'd like to have that same Apache functionality

Re: [squid-users] Encapsulating proxy requests thru a proxy

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/10/2014 6:00 a.m., Ricardo Carrillo Cruz wrote: > Hi guys > > I have a need to encapsulate proxy requests thru a proxy, like the > ProxyRemote directive in Apache mod_proxy: > > http://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxyremote >

Re: [squid-users] RPM Packages

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/10/2014 5:36 a.m., John Gardner wrote: > Eliezer > > It would be be great if you could manage to do a build 64bit OEL 6 > build this week, but I understand you will be under great time > pressure, so I will also try and perform a build from the S

Re: [squid-users] Best OS for latest squid

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey Rafael, You can install it from epel but the core+sslbump doesn't require that. Only the helpers package. Take a look in the wiki about centos it has the information about it. Eliezer On 10/05/2014 07:23 PM, Rafael Akchurin wrote: > Hello Eliez

Re: [squid-users] transparent proxy https and self signed certificate error

still trying to get this working. To eliminate the self signed certificate issue, I got a official signed certificate from Starfield Tech. LLC. They've sent two certifcates but I'm unsure how to use these certificates since the ssl_bump parameters only have one certificate as a parameter On Sun,

[squid-users] Squid, Kerberos and FireFox (Was: Re: leaking memory in squid 3.4.8 and 3.4.7.)

Rafael Akchurin wrote: > I believe I do (but you made me doubt:) > Well, I have tried negotiate_kerberos_auth with Firefox (Windows) and they don't work together. I am attaching a packet dump which boils down basically to the following: 1. proxy.sibptus.transneft.ru:3131 is configured in Firefox

Re: [squid-users] Squid, Kerberos and FireFox (Was: Re: leaking memory in squid 3.4.8 and 3.4.7.)

And before I forget and before somebody asks. In Firefox: network.negotiate-auth.allow-proxies=true network.negotiate-auth.gsslib="" network.negotiate-auth.using-native-gsslib=true Victor Sudakov wrote: > Rafael Akchurin wrote: > > I believe I do (but you made me doubt:) > > > > Well, I have tr

Re: [squid-users] Squid, Kerberos and FireFox (Was: Re: leaking memory in squid 3.4.8 and 3.4.7.)

Victor Sudakov wrote: > Rafael Akchurin wrote: > > I believe I do (but you made me doubt:) > > > > Well, I have tried negotiate_kerberos_auth with Firefox (Windows) I have tried the same with MSIE 8 (Windows). It's obviously trying to do NTLM instead of Kerberos (see below). How do I enable Ke