One Particular site giving 503 error with SSL bump



  • Hi everyone,

    I am using pfSense 2.2.6 with the proxy server (Squid3 0.4.7).

    Squid is running in transparent mode with SSL bumping. The certificates are installed on all the client computers. Everything is working smoothly (banking sites, Google, Yahoo...) except one particular site, https://workshop.olacabs.com, which is giving a 503 Server Unavailable error. This site at times randomly starts working and then gives the 503 error again. If I disable HTTPS filtering, the site works without error.

    I tried bypassing this site in Squid but still face the same issue. Can anyone help with this?
    The technical details about the OLA site are attached.

    Thank you,
    Regards,
    Ashima

    Thank you




  • Hello,

    I haven't received ANY reply... Is there any other information that I need to provide?
    I get a 503 error when SSL bumping is enabled. If I switch off SSL bump, the site works fine.

    regards,
    Ashima



  • I wish I could help you, but I run explicit on 2.3.2, not transparent on 2.2.6. I avoid transparent mode just because of all the weird hassles with SSLBump and client certs.



  • Thank you, KOM, for replying. At least I know someone is listening.

    So far I have taken the following steps to bypass this particular site in the firewall:

    a) In Squid --> General Settings --> Transparent Mode --> By Pass Destination IPs.
    b) In Squid --> ACL --> Whitelist --> I have listed this site.
    c) In SquidGuard --> created a new Target Category --> included this site --> whitelisted it.

    Restarted the services, cleared the cache, rebooted the firewall. After all this, 50% of the time the firewall bypasses the site and the site opens; the rest of the time I get the 503 error (i.e. due to MITM).

    I just want the firewall to bypass this HTTPS site.

    Any pointers?

    Regards
    Ashima



  • No specific advice other than to upgrade your pfSense to current, which has a newer version of Squid plus bugfixes and security patches.