4. [Solved] How to change the cipher for Squid reverse proxy?

[Solved] How to change the cipher for Squid reverse proxy?

  • C

    Hi,

    Is there a possibility to change the default cipher(s) for the Squid reverse proxy?

    I get always an ERR_SSL_OBSOLETE_CIPHER with Chrome and Opera.

    If I connect directly without my pfSense to the website it works. If I connect over my pfSense I get this error message. So I think it should be a configuration thing.

    Thanks,
    Christian.

    0
  • C

    Hi,

    so far I found the following BAD solution:

    1. The configuration of the Squid Reverse Prox is saved under: '/usr/local/etc/squid/squid.conf'.

    2. There is a section called '# Reverse Proxy settings'

    3. There are a lot of parameters for each entry. For the https stuff there are also the parameters which create the problem: 'cipher=' and 'options='

    4. I found this article: http://www.rawiriblundell.com/?p=1442

    5. I know, that I should not touch this file manually, but I wanted to see if this is the problem. So I changed the values for 'cipher' and 'options' like described in the article. I restarted the Squid service.

    IT WORKS!!!

    Does anyone know where I can set/change/choose this parameters over the gui???

    Thanks,
    Christian.

    0
  • C

    Please see: https://forum.pfsense.org/index.php?topic=119934.0

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy