I am working on establishing a new install of Squid to reverse proxy OWA, ActiveSync and possibly RPC over HTTPS. I have been successful in establishing the reverse proxy for OWA without an issue. However, I am having trouble with the ActiveSync functionality. I believe the issue to be related to my SSL cert because:
If I open my firewall and configure an Android phone to use the OWA server (directly) it works. (I have tried 2 different Android-based phones on 2 different carriers.)
When I configure an Android phone to go through the Squid proxy, I receive the message "unable to open connection to server due to security error" and nothing is logged in access_log, cache_log or cache_store_log. (Leading me to believe that something is amiss with the SSL cert.)
I suspect that I have either mis-configured exporting my SSL cert from my Exchange 2010 server, mis-configured something when extracting the pem for use in Squid or fat-fingered my Squid config somehow. Yet - the thing that is making me crazy is that all of this works for OWA. So if I did any of the above, why would OWA work and not ActiveSync?
My config is below:
https_port ip.of.squid.box:443 accel cert=/etc/squid/certs/exchange.pem defaultsite=my.owa.fqdn
cache_peer ip.of.owa.box parent 443 0 no-digest no-query originserver login=PASS ssl name=owaServer sslflags=DONT_VERIFY_PEER
And for completeness' sake, I have not tested with an iPhone yet but hope to be able to do that soon.
Does anyone have any ideas on what might be going on? I'm at a loss...
Received on Thu Jan 26 2012 - 22:04:30 MST
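Added example, not part of the original post and not Squid's own code: a check of the combined PEM that `cert=` points to. With no `key=` option on the `https_port` line, Squid treats that file as a combined certificate and key file, so the check reports whether it holds exactly one unencrypted private key and how many certificates it carries. The function and helper names are hypothetical, and the sample bundle is constructed placeholder data.

```python
import base64
import re

# Matches one PEM block; the body may start with headers such as "Proc-Type:".
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

def inventory_pem(text):
    """Summarise the blocks in a combined PEM file (key + certificate chain)."""
    report = {"certificates": 0, "private_keys": 0, "encrypted_key": False,
              "order": [], "problems": []}
    for label, body in PEM_BLOCK.findall(text):
        report["order"].append(label)
        encrypted = (label == "ENCRYPTED PRIVATE KEY"
                     or "Proc-Type: 4,ENCRYPTED" in body)
        # Drop header lines ("Name: value") before decoding the base64 payload.
        b64 = "".join(l.strip() for l in body.splitlines() if ":" not in l)
        try:
            der = base64.b64decode(b64, validate=True)
        except ValueError:
            report["problems"].append(f"{label}: body is not valid base64")
            continue
        if label == "CERTIFICATE":
            report["certificates"] += 1
            if not der.startswith(b"\x30"):  # DER certificates begin with SEQUENCE
                report["problems"].append("CERTIFICATE: not a DER SEQUENCE")
        elif label.endswith("PRIVATE KEY"):
            report["private_keys"] += 1
            report["encrypted_key"] |= encrypted
    if report["private_keys"] != 1:
        report["problems"].append("expected exactly one private key in the file")
    if report["encrypted_key"]:
        report["problems"].append("private key is passphrase-protected")
    if report["certificates"] == 0:
        report["problems"].append("no certificate found")
    elif report["certificates"] == 1:
        report["problems"].append(
            "only the server certificate is present; no intermediate CA certificates")
    return report

def make_block(label, payload):
    # Constructed sample data: zero-filled bytes, not a real key or certificate.
    return (f"-----BEGIN {label}-----\n{base64.encodebytes(payload).decode()}"
            f"-----END {label}-----\n")

SAMPLE = ("Bag Attributes\n    friendlyName: constructed-example\n"
          + make_block("CERTIFICATE", b"\x30\x82" + bytes(60))
          + make_block("RSA PRIVATE KEY", b"\x30\x82" + bytes(60)))
```

Calling `inventory_pem(open(path).read())` on the real file returns the same report; the "Bag Attributes" text that a PKCS#12 export leaves between blocks is ignored.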