Visit Our UNIX and Linux User Community


Squid cannot load https sites


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users Squid cannot load https sites
# 1  
Old 02-25-2010
Squid cannot load https sites

Hi guys

On FC9 we are running squid-3.0.STABLE2-2.fc9.i386

HTTP traffic works fine, no problems there.

When I try to access a secure site, IE, Chrome and Firefox says the page cannot be loaded.

I do not see any log entries in the squid access log or the servers messages file.

HTTP requests get logged though.

Any idea where I can start looking? The server also runs IPTABLES.

Please let me know

Thanks!!
# 2  
Old 02-25-2010
You might look into issues about encryption and proxy caches.

Normally since an SSL session involves an exchange of encryption keys between client and server, a proxy cache will not attempt to cache encrypted pages, because these pages cannot be viewed outside of the session.

For example, if you had an encrypted SSL session with your on-line bank, you would not want that information cached anyway, and you certainly would not want it cached unencrypted.
# 3  
Old 02-25-2010
So we cannot run HTTPS via squid without compromising security & encryption?
# 4  
Old 02-26-2010
Are you using SQUID as a transparent proxy, redirecting normal un-proxied requests into your local SQUID? A transparent proxy can't carry SSL, much to my irritation as well. SQUID can proxy SSL, but only makes a direct uncached connection, and never decrypts.

A transparent proxy tries its best to act like the website you're connecting to, hence it can't do anything that requires the client to know its connecting to a proxy, like an HTTP CONNECT, the only safe way to proxy HTTP SSL.

Last edited by Corona688; 02-26-2010 at 01:39 PM..

Previous Thread | Next Thread
Test Your Knowledge in Computers #990
Difficulty: Medium
UNIX System V is one of the first commercial versions of the Unix operating system and was originally developed by AT&T and first released in 1981.
True or False?

9 More Discussions You Might Find Interesting

1. Linux

How to deny facebook https using squid proxy in Centos 6.5?

Hi we have Centos Server and we have client machines using Ubuntu 12.04 and Win7,I Have Configured Squid only purposely for facebook denied, Cos User;s often being in fb so need to do it, have configured squid as transparent , followed this How to install squid proxy on centos 6 steps to did it and... (2 Replies)
Discussion started by: babinlonston
2 Replies

2. Linux

How to deny facebook https using squid proxy in Centos 6.5?

Hi we have Centos Server and we have client machines using Ubuntu 12.04 and Win7,I Have Configured Squid only purposely for facebook denied, Cos User;s often being in fb so need to do it, have configured squid as transpernt , followed this How to install squid proxy on centos 6 steps to did it and... (1 Reply)
Discussion started by: babinlonston
1 Replies

3. Solaris

Need suggestion:- Failed HTTPS transfer to https://supportfiles.sun.com/curl

Hi Guys, I have recently started reciving below Error message Failed HTTPS transfer to https://supportfiles.sun.com/curl whenever I run /usr/local/bin/sudo /opt/SUNWexplo/bin/explorer -P -q -v from all Servers. Looks like the SSL certificate as Expired. Whenever I type... (4 Replies)
Discussion started by: manalisharmabe
4 Replies

4. Emergency UNIX and Linux Support

[solved] Block access to all sites except one using Squid

I need a Squid config that allows access to only one domain: .example.com Traffic should only be allowed through if coming from 10.100.0.0/24 and only port 80 (http) and port 443 (https) traffic should be allowed through, but again, only to this ONE domain. It Must be Squid (no iptables... (3 Replies)
Discussion started by: glev2005
3 Replies

5. UNIX for Dummies Questions & Answers

Client web pages very slow to load. Squid issue?

Hi. I have netBSD box acting as gateway, ftp, mail & web server, etc. It is now seven years old and has never missed a beat. The only problem is that the (Windows) boxes in my little network are now experiencing VERY slow web page loads. The other problem is that in the years since a Unix... (0 Replies)
Discussion started by: torontobob
0 Replies

6. IP Networking

Blocking sites with squid

Hi i have created a proxy with squid and i need to block all domains of yahoo let's say . i have to configure squid.conf but idk how.. (1 Reply)
Discussion started by: g0dlik3
1 Replies

7. Red Hat

Red Hat https sites not opening.

Hi I am working on Red Hat 5. WHile logging form root too I am getting a strange thing. Whenever I try to open the https sites on any browser a blank screen appears, but once I delete cookies and refresh, this page reappears. What may be the reason for that and is it some kind of bug? (8 Replies)
Discussion started by: nixhead
8 Replies

8. IP Networking

Block sites images with Squid!?

Hi, How i can block images from a particular site with squid? for example i want images from www.yahoo.com not displayed but other site content displayed to user? and how can i authenticate squid users (for e.g webproxy) with windows server 2003 domain controller (Active Directory) ... (0 Replies)
Discussion started by: skynet_boy
0 Replies

9. Shell Programming and Scripting

Need help in wrting Load Script for a Load-Resume type of load.

hi all need your help. I am wrting a script that will load data into the table. then on another load will append the data into the existing table. Regards Ankit (1 Reply)
Discussion started by: ankitgupta
1 Replies

Featured Tech Videos