On 2/10/2015 7:58 p.m., Jason Haar wrote:
> Just a reminder people, but you've gone off-topic. The postbank.de
> website issue has NOTHING to do with pining
>
> Someone mentioned earlier it's due to the HTTPS cert not having a
> complete cert-chain, and that web browsers auto-correct that situatio
On 02/10/15 21:38, Amos Jeffries wrote:
> I'm not sure but a custom certificate validator helper can probably do
> all this better. An example helper in Perl can be found at
> helpers/ssl/cert_valid.pl
That website worked for me because my external validator had an
exception rule for valid certs co
Greetings everyone,
The CygWin based build of Squid proxy for Microsoft Windows version 3.5.9 is
now available (amd64 only!).
* Original release notes are at
http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.9-RELEASENOTES.html.
* Ready to use MSI package can be downloaded from http://s
On 2/10/2015 10:33 p.m., Jason Haar wrote:
> On 02/10/15 21:38, Amos Jeffries wrote:
>> I'm not sure but a custom certificate validator helper can probably do
>> all this better. An example helper in Perl can be found at
>> helpers/ssl/cert_valid.pl
> That website worked for me because my external
Thanks Amos for the reply ,
I will trim the config with your recommendations but a few questions exists on
my side.
" If you mean it to be used to verify the *server* certificates then you need
to configure sslproxy_crlfile instead."
I guess that was what im looking for :-) ,
Hello,
i was trying the "null" storage module in Squid 3.4.x.
I have some systems with huge users and with high traffic peaks expecially
during the morning.
We use Squid to filter internet traffic.
Do you think that enabling the cache_dir null will give us better performances
and less system u
Hello,
i have enabled SSL Bump with certificates, i redirect the 443 on the 3129 port
of my Squid server but https sites are not accessible anymore and i can see
these errors in logs:
ERROR: NF getsockopt(ORIGINAL_DST) failed on local=192.168.10.xxx
The section regardings SSL Bump in squid.con
Hello!
It's looks like I have memory leak on squid with peek and splice https
traffic.
I use squid 3.5.9 (try 3.5.8 and 3.5.7 also). Openssl and libresll both
tried.
CentOs 7. Traffic redirecting transparently by wccp.
Server: 8 cores, 64GB RAM. Approx 600 clients with 150 requests per second.
Squ
I have installed squid 3.5 on Win2K12 and it is working fine. The next step is
to enable AD auth and apply an ACL for groups. All the documentation for AD
auth is geared towards linux. Are there are docs/guides for doing this on
Windows?
Thanks,
Keith
This message and any attachment are c
On 02/10/15 23:43, Amos Jeffries wrote:
> I'm suspecting the order of these options screws things up. Or maybe
> just the use of "ALL". sslproxy_options NO_SSLv2:NO_SSLv3:ALL
...but I don't even use sslproxy_options There have been at least 3
people saying that bump doesn't work with that site
On 3/10/2015 12:11 a.m., Sebastian Kirschner wrote:
> Thanks Amos for the reply ,
>
> I will trim the config with your recommendations but a few questions exists
> on my side.
>
> " If you mean it to be used to verify the *server* certificates then you need
> to configure sslproxy_crlfile inste
On 3/10/2015 12:25 a.m., Job wrote:
> Hello,
>
> i was trying the "null" storage module in Squid 3.4.x.
It does not exist.
Squid-3 does proper memory-only caching by default. Just erase or
comment out all cache_dir lines in your config and it works.
> I have some systems with huge users and wit
On 3/10/2015 12:31 a.m., Job wrote:
> Hello,
>
> i have enabled SSL Bump with certificates, i redirect the 443 on the 3129
> port of my Squid server but https sites are not accessible anymore and i can
> see these errors in logs:
>
> ERROR: NF getsockopt(ORIGINAL_DST) failed on local=192.168.10
On 3/10/2015 6:11 a.m., Keith White wrote:
> I have installed squid 3.5 on Win2K12 and it is working fine. The
> next step is to enable AD auth and apply an ACL for groups. All the
> documentation for AD auth is geared towards linux. Are there are
> docs/guides for doing this on Windows?
The SSP
On 3/10/2015 7:08 a.m., Jason Haar wrote:
> On 02/10/15 23:43, Amos Jeffries wrote:
>> I'm suspecting the order of these options screws things up. Or maybe
>> just the use of "ALL". sslproxy_options NO_SSLv2:NO_SSLv3:ALL
>
> ...but I don't even use sslproxy_options There have been at least 3
>
15 matches
Mail list logo