4. Problem In Application with SSL filtering in squid

Problem In Application with SSL filtering in squid


  • Hello

    HTTP/1.1 400 Bad Request
    Server: squid
    Mime-Version: 1.0
    Date: Fri, 08 Sep 2017 21:19:17 GMT
    Content-Type: text/html;charset=utf-8
    Content-Length: 3948
    X-Squid-Error: ERR_INVALID_REQ 0
    Vary: Accept-Language
    Content-Language: en
    X-Cache: MISS from pfsense
    X-Cache-Lookup: NONE from pfsense:3128
    Via: 1.1 pfsense (squid)
    Connection: close

    Why does this error message occur in Windows and mobile apps?
    When I enable ssl filttering in squid?
    And some apps do not connect to the Internet on Windows and on Android.

    But it is connected to the Internet browser.

    0
  • S
    Banned

    It is called SSL pinning, for example https://docs.diladele.com/faq/squid/sslbump_exlusions/dropbox.html

    0

  • @sichent:

    It is called SSL pinning, for example https://docs.diladele.com/faq/squid/sslbump_exlusions/dropbox.html

    –------------------------------------------------------------------------------------------------------------------------
    Hello
    Thanks for the guide
    But this method does not work for all apps
    I think that some applications use websocket and SQUID does not allow access to the websocket.

    I placed the following domain for telegram in ACLs, but did not work

    https://my.telegram.org
    my.telegram.org
    telegram.org
    telegram.me
    my.telegram.me
    api.telegram.org

    0
  • S
    Banned

    As far as I know web socket first test if the protocol is available (connection-upgrade) - so I do not think the web sockets are the reason.
    capturing traffic with wireshark may reveal the reasons…

    0

  • @reza3sw:

    Hello

    HTTP/1.1 400 Bad Request
    Server: squid
    Mime-Version: 1.0
    Date: Fri, 08 Sep 2017 21:19:17 GMT
    Content-Type: text/html;charset=utf-8
    Content-Length: 3948
    X-Squid-Error: ERR_INVALID_REQ 0
    Vary: Accept-Language
    Content-Language: en
    X-Cache: MISS from pfsense
    X-Cache-Lookup: NONE from pfsense:3128
    Via: 1.1 pfsense (squid)
    Connection: close

    Why does this error message occur in Windows and mobile apps?
    When I enable ssl filttering in squid?
    And some apps do not connect to the Internet on Windows and on Android.

    But it is connected to the Internet browser.

    Hello to all friends

    My problem with the IP Telegram and (as well as the programs that have this problem) was solved in Bypass squid

    In this way, IPs that come in bypass pass through the web proxy

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy