Problem In Application with SSL filtering in squid
-
Hello
HTTP/1.1 400 Bad Request
Server: squid
Mime-Version: 1.0
Date: Fri, 08 Sep 2017 21:19:17 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3948
X-Squid-Error: ERR_INVALID_REQ 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from pfsense
X-Cache-Lookup: NONE from pfsense:3128
Via: 1.1 pfsense (squid)
Connection: close
Why does this error message occur in Windows and mobile apps?
When I enable ssl filttering in squid?
And some apps do not connect to the Internet on Windows and on Android.But it is connected to the Internet browser.
-
It is called SSL pinning, for example https://docs.diladele.com/faq/squid/sslbump_exlusions/dropbox.html
-
It is called SSL pinning, for example https://docs.diladele.com/faq/squid/sslbump_exlusions/dropbox.html
–------------------------------------------------------------------------------------------------------------------------
Hello
Thanks for the guide
But this method does not work for all apps
I think that some applications use websocket and SQUID does not allow access to the websocket.I placed the following domain for telegram in ACLs, but did not work
https://my.telegram.org
my.telegram.org
telegram.org
telegram.me
my.telegram.me
api.telegram.org -
As far as I know web socket first test if the protocol is available (connection-upgrade) - so I do not think the web sockets are the reason.
capturing traffic with wireshark may reveal the reasons… -
Hello
HTTP/1.1 400 Bad Request
Server: squid
Mime-Version: 1.0
Date: Fri, 08 Sep 2017 21:19:17 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3948
X-Squid-Error: ERR_INVALID_REQ 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from pfsense
X-Cache-Lookup: NONE from pfsense:3128
Via: 1.1 pfsense (squid)
Connection: close
Why does this error message occur in Windows and mobile apps?
When I enable ssl filttering in squid?
And some apps do not connect to the Internet on Windows and on Android.But it is connected to the Internet browser.
Hello to all friends
My problem with the IP Telegram and (as well as the programs that have this problem) was solved in Bypass squid
In this way, IPs that come in bypass pass through the web proxy
