FS#44811 - [squid] HTTPS connection failed with 3.5.4-1

Attached to Project: Community Packages
Opened by Iglói Gábor (igloigabor) - Saturday, 02 May 2015, 10:25 GMT
Last edited by Sergej Pupykin (sergej) - Monday, 04 May 2015, 12:32 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Sergej Pupykin (sergej)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 2
Private No

Details

Description:

After upgrading from squid-3.5.3-2 to squid-3.5.4-1, there is some error when connecting to HTTPS sites through the squid proxy.

"Secure Connection Failed

The connection to www.google.hu was interrupted while the page was loading.

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem."

I haven't changed the config file which works flawlessly with the previous version.
When downgrading back to 3.5.3-2, HTTPS sites work as expected.
This task depends upon

Closed by  Sergej Pupykin (sergej)
Monday, 04 May 2015, 12:32 GMT
Reason for closing:  Fixed
Additional comments about closing:  I've added message into .install
Comment by Maxwell Draven (Ravenman) - Saturday, 02 May 2015, 15:52 GMT
I have this issue with my squid, too. Checking the log files I found this:

tail -f /var/log/squid/access.log

1430580509.949 634 192.168.0.2 TCP_MISS/200 2188 POST http://s2.symcb.com/ - HIER_DIRECT/23.52.59.27 application/ocsp-response
1430580510.500 549 192.168.0.2 TCP_MISS/200 2021 POST http://sr.symcd.com/ - HIER_DIRECT/23.52.59.27 application/ocsp-response
1430580720.195 532 192.168.0.2 TCP_MISS/200 884 POST http://ocsp.digicert.com/ - HIER_DIRECT/93.184.220.29 application/ocsp-response
1430580724.015 211 192.168.0.2 TCP_TUNNEL/200 0 CONNECT www.facebook.com:443 - HIER_DIRECT/2a03:2880:2130:cf05:face:b00c:0:1 -
1430580724.084 0 192.168.0.2 TCP_TUNNEL/200 0 CONNECT www.facebook.com:443 - HIER_DIRECT/2a03:2880:2130:cf05:face:b00c:0:1 -
1430580781.099 62014 192.168.0.2 TCP_TUNNEL/200 3405 CONNECT tiles.services.mozilla.com:443 - HIER_DIRECT/54.201.9.41 -
[root@localhost ~]#

tail -f /var/log/squid/cache.log

2015/05/02 10:32:04 kid1| local=[::] remote=[2a03:2880:2130:cf05:face:b00c:0:1]:443 FD 22 flags=1: read/write failure: (107) Transport endpoint is not connected
2015/05/02 10:32:04 kid1| local=[::] remote=[2a03:2880:2130:cf05:face:b00c:0:1]:443 FD 22 flags=1: read/write failure: (107) Transport endpoint is not connected
[root@localhost ~]#
Comment by Sergej Pupykin (sergej) - Monday, 04 May 2015, 12:28 GMT
please add

dns_v4_first on

into squid.conf. Most probably it is because your provider does not support ipv6.

Loading...