squid and https URLs
I have installed squid
as a non-transparent proxy/cache server with --enable-ssl
configuration. It is a child of a parent proxy server proxy1.ut.ac.ir
.
Everything is OK for HTTP
URLs, but any HTTPS
URL is responded by a 404 Server not found
(for example for Gmail or https://www.google.com).
This is the access.log
entries for opening www.gmail.com:
1279493581.278 544 127.0.0.1 TCP_MISS/302 1136 GET http://mail.google.com/mail/ - DEFAULT_PARENT/proxy1.iut.ac.ir text/html
1279493581.283 0 127.0.0.1 TCP_MISS/404 0 CONNECT www.google.com:443 - DIRECT/- -
And squid in terminal says:
2010/07/18 18:52:27| ipcacheParse: No Address records in response to 'www.google.com'
Here is the squid.conf
:
http_port 3128
http_access allow all
cache_peer proxy1.ut.ac.ir parent 3128 0 no-query default no-digest no-netdb-exchange
cache_dir ufs /usr/local/squid/var/cache 100 16 256
coredump_dir /usr/local/squid/var/cache
There is no problem when i set proxy1.ut.ac.ir
as the proxy server in browsers so there is nothing wrong in parent proxy server.
Solution 1:
It looks like the server hosting squid can't resolve the name "www.google.com", to me.
The second line in your access.log sample is telling you that squid isn't sending the request to the parent cache, but rather is attempting a direct connection to "www.google.com" (the DIRECT/-
is the tip-off). If you want CONNECT requests to be sent to the parent cache, add the never_direct allow CONNECT
directive to your squid.conf file and you'll be in business.