my squid is a transparent proxy. and the problem is that i can't access the svn server. the access.log shows that 1512545348.844 380 192.168.51.15 TAG_NONE/200 0 CONNECT 192.168.52.6:443 - ORIGINAL_DST/192.168.52.6 - 1512545348.920 0 192.168.51.15 TAG_NONE/503 4324 OPTIONS https://192.168.52.6/svn/WATMdev/trunk/development/third_period/icapServer - HIER_NONE/- text/html
but when i use splice step . the access is normal. so i want to know what's the problem.
> my squid is a transparent proxy. and the problem is that i can't access
> the svn server.
> the access.log shows that
> 1512545348.844 380 192.168.51.15 TAG_NONE/200 0 CONNECT
> 192.168.52.6:443 - ORIGINAL_DST/192.168.52.6 -
> 1512545348.920 0 192.168.51.15 TAG_NONE/503 4324 OPTIONS
> https://192.168.52.6/svn/WATMdev/trunk/development/third_period/icapServer > - HIER_NONE/- text/html
> but when i use splice step . the access is normal. so i want to know
> what's the problem.
You will have to check the 503 that Squid is delivering there.
There does not appear to be any server name known, which might have
something to do with it. Its not easy to generate a proper server
certificate without a server name.
> Here is my configure
> https_port 192.168.51.200:3129 intercept ssl-bump connection-auth=off
> generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
> key=/usr/local/squid/ssl_cert/myCA.pem options=NO_SSLv3,NO_SSLv2
It may have something to with these restrictions against SSLv2 and v3.
Do you have anything similar on the sslproxy_* options?