Pfsense squid + squidguard ssl filtering error
I have installed Latest and stable release of pfsense 2.3.2, now i am using transparent proxy with SSL filtering, i have got everything working fine, but for some sites i am getting ssl23 error:
The following error was encountered while trying to retrieve the URL: https://www.irctc.co.in/*
Failed to establish a secure connection to 22.214.171.124
The system returned:
(92) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)
Handshake with SSL server failed: error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol
This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.
Your cache administrator is admin@localhost.
no matter how much i try, i cant resolve this error, first i tried bypassing the IP under proxy, it worked for 2 days, then i have no idea…it stopped working, all configs are same, i had tried entering lot of IPs to bypass, dont know because of this it stopped working, please tell me how to resolve this error ?
For similar crappy sites, you need to set SSL Proxy Compatibility Mode to Intermediate so that TLS v1.0 is enabled.
@doktornotor, thank you so much, looks like issue resolved after changing to immediate mode.