4. [Solved] How to change the cipher for Squid reverse proxy?

[Solved] How to change the cipher for Squid reverse proxy?

  • C

    Hi,

    Is there a possibility to change the default cipher(s) for the Squid reverse proxy?

    I get always an ERR_SSL_OBSOLETE_CIPHER with Chrome and Opera.

    If I connect directly without my pfSense to the website it works. If I connect over my pfSense I get this error message. So I think it should be a configuration thing.

    Thanks,
    Christian.

    0
  • C

    Hi,

    so far I found the following BAD solution:

    1. The configuration of the Squid Reverse Prox is saved under: '/usr/local/etc/squid/squid.conf'.

    2. There is a section called '# Reverse Proxy settings'

    3. There are a lot of parameters for each entry. For the https stuff there are also the parameters which create the problem: 'cipher=' and 'options='

    4. I found this article: http://www.rawiriblundell.com/?p=1442

    5. I know, that I should not touch this file manually, but I wanted to see if this is the problem. So I changed the values for 'cipher' and 'options' like described in the article. I restarted the Squid service.

    IT WORKS!!!

    Does anyone know where I can set/change/choose this parameters over the gui???

    Thanks,
    Christian.

    0
  • C

    Please see: https://forum.pfsense.org/index.php?topic=119934.0

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy