squid and https URLs

proxy https squid
20,605

It looks like the server hosting squid can't resolve the name "www.google.com", to me.

The second line in your access.log sample is telling you that squid isn't sending the request to the parent cache, but rather is attempting a direct connection to "www.google.com" (the DIRECT/- is the tip-off). If you want CONNECT requests to be sent to the parent cache, add the never_direct allow CONNECT directive to your squid.conf file and you'll be in business.

Share:
20,605

Related videos on Youtube

Isaac
Author by

Isaac

Updated on September 17, 2022

Comments

  • Isaac
    Isaac over 1 year

    I have installed squid as a non-transparent proxy/cache server with --enable-ssl configuration. It is a child of a parent proxy server proxy1.ut.ac.ir.

    Everything is OK for HTTP URLs, but any HTTPS URL is responded by a 404 Server not found (for example for Gmail or https://www.google.com).

    This is the access.log entries for opening www.gmail.com:

    1279493581.278    544 127.0.0.1 TCP_MISS/302 1136 GET http://mail.google.com/mail/ - DEFAULT_PARENT/proxy1.iut.ac.ir text/html
1279493581.283      0 127.0.0.1 TCP_MISS/404 0 CONNECT www.google.com:443 - DIRECT/- -

    And squid in terminal says:

    2010/07/18 18:52:27| ipcacheParse: No Address records in response to 'www.google.com'

    Here is the squid.conf:

    http_port 3128

http_access allow all

cache_peer proxy1.ut.ac.ir parent 3128 0 no-query default no-digest no-netdb-exchange

cache_dir ufs /usr/local/squid/var/cache 100 16 256
coredump_dir /usr/local/squid/var/cache

    There is no problem when i set proxy1.ut.ac.ir as the proxy server in browsers so there is nothing wrong in parent proxy server.

  • Isaac
    Isaac almost 14 years
    Thanks Evan! Problem solved! But why squid tries to connect to webserver directly for CONNECT requests while uses parent proxy for GET requests. Is it a default behavior or i am missing something?
  • Isaac
    Isaac almost 14 years
    There was same problem with POST method and it is solved in similar way. But why squid just redirect GET requests to parent proxy while tries to other methods (POST and CONNECT) directly to webserver? am I missing a configuration?
  • Spence
    Spence almost 14 years
    I wasn't aware of the default for POST, but the behavior you saw with CONNECT was because of a default.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Squid request_header_add with https
Transparent HTTP/HTTPS domain filtering proxy
How to properly setup squid3 as HTTPS proxy?
Logging HTTPS traffic through a proxy
Configure Squid as an HTTPS forward proxy?
Is there any way to cache HTTPS requests in a proxy server?
Pages don't get blocked with Squid over HTTPS
Transparent proxy for HTTPS traffic
Setup HTTPs Forward Proxy with HAProxy
Reverse proxy from nginx to squid