On 14/01/2017 4:27 a.m., Sameh Onaissi wrote: > Hello Eliezer, all, > > > I removed the cipher and the problem is still there: > > > 2017/01/13 10:20:50 kid1| Error negotiating SSL connection on FD 138: > error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca (1/0)
The CA used to sign the remote endpoints certificate is not trusted. Or an intermediary certificate is missing. * Check that the set of "global trusted CA" installed on your Squid machiene is up to date. * Try the latest Squid-4, which can auto-download intermediate certificates. > 2017/01/13 10:21:05 kid1| Error negotiating SSL connection on FD 191: > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown > (1/0) > 2017/01/13 10:21:17 kid1| Error negotiating SSL connection on FD 194: > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown > (1/0) > 2017/01/13 10:21:17 kid1| Error negotiating SSL connection on FD 198: > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown > (1/0) > 2017/01/13 10:21:18 kid1| Error negotiating SSL connection on FD 194: > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown > (1/0) > 2017/01/13 10:21:18 kid1| Error negotiating SSL connection on FD 194: > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown > (1/0) > 2017/01/13 10:21:19 kid1| Error negotiating SSL connection on FD 194: > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown > (1/0) The obsolete SSL protocol is being used. > 2017/01/13 10:21:24 kid1| Error negotiating SSL connection on FD 163: Closed > by client The client disconnected. You can do nothing about that. > 2017/01/13 10:21:39 kid1| Error negotiating SSL connection on FD 250: > error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca (1/0) > 2017/01/13 10:21:42 kid1| Error negotiating SSL on FD 298: error:14090086:SSL > routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0) "certificate verify failed" says what it means. > 2017-01-13 10:21:53 [29866] Request(everyone/deny/-) > https://accounts.youtube.com/accounts/CheckConnection?pmpo=https://accounts.google.com&v=-1574475776×tamp=1484320896449 > 10.0.0.127/10.0.0.127 - GET REDIRECT > 2017/01/13 10:21:56 kid1| Error negotiating SSL connection on FD 109: > error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca (1/0) > 2017/01/13 10:21:56 kid1| Error negotiating SSL connection on FD 309: > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown > (1/0) > 2017/01/13 10:22:25 kid1| Error negotiating SSL connection on FD 155: Closed > by client > Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
