> Hello,
>
> We have two proxies which allow our users access to the internet, one as
> live box and one as a backup. Both boxes are running Gentoo and Squid 2.6
> STABLE16. Recently the live box was replaced with a new server. The OS and
> Squid were installed as before with the same configuration file. It now
> seems to have developed a problem when accessing HTTPS sites that require
> a
> certificate. When browsing to the site, it prompts for which certificate
> to
> use, then gives a little warning about how the hostname does not match the
> URL and then loads half the page. After about 1-2mins, a 404 error is
> produced in the areas which it hasn't loaded
>
<snip>
>
> Is there something obvious I should be checking?
Sounds to me like a host name problem.
running "squidclient mgr:info" on the live squid will give you the headers
its sending out. Check for the name in X-Cache: and Via:.
The visible hostname must match the one inside the certificate or the
certificate will be seen as invalid. hostname is set either in the OS
configuration /etc/hostname, or overridden in squid.conf with
visible_hostname.
>
> I would have thought that even though I've installed a new OS which has
> newer versions of bits and pieces than the backup one, this wouldn't make
> much of a difference. Perhaps I'm wrong?
Unless your squid.conf contains visible_hostname, the OS is in charge of
the FQDN squid sends out as its identifier.
HTH
Amos
Received on Tue Oct 02 2007 - 20:57:57 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:00 MDT