• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[Solved] How to change the cipher for Squid reverse proxy?

Scheduled Pinned Locked Moved Cache/Proxy
3 Posts 1 Posters 2.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    cjs1976
    last edited by Nov 19, 2016, 8:17 PM Nov 16, 2016, 7:40 AM

    Hi,

    Is there a possibility to change the default cipher(s) for the Squid reverse proxy?

    I get always an ERR_SSL_OBSOLETE_CIPHER with Chrome and Opera.

    If I connect directly without my pfSense to the website it works. If I connect over my pfSense I get this error message. So I think it should be a configuration thing.

    Thanks,
    Christian.

    1 Reply Last reply Reply Quote 0
    • C
      cjs1976
      last edited by Nov 16, 2016, 9:06 PM

      Hi,

      so far I found the following BAD solution:

      1. The configuration of the Squid Reverse Prox is saved under: '/usr/local/etc/squid/squid.conf'.

      2. There is a section called '# Reverse Proxy settings'

      3. There are a lot of parameters for each entry. For the https stuff there are also the parameters which create the problem: 'cipher=' and 'options='

      4. I found this article: http://www.rawiriblundell.com/?p=1442

      5. I know, that I should not touch this file manually, but I wanted to see if this is the problem. So I changed the values for 'cipher' and 'options' like described in the article. I restarted the Squid service.

      IT WORKS!!!

      Does anyone know where I can set/change/choose this parameters over the gui???

      Thanks,
      Christian.

      1 Reply Last reply Reply Quote 0
      • C
        cjs1976
        last edited by Nov 19, 2016, 8:17 PM

        Please see: https://forum.pfsense.org/index.php?topic=119934.0

        1 Reply Last reply Reply Quote 0
        3 out of 3
        • First post
          3/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received