Error accessing sites with HTTPS
-
Dear,
I own pfsense v2.3.4 as a virtual machine with Squid + Squidguard + integrated with AD with transparent proxy, it worked perfectly after some users started reporting problems on access to some HTTPS site, and displayed an error message when accessing this sites
The following error was encountered while trying to retrieve the URL: https://www.fedex.com/*
Failed to establish a secure connection with 104.80.1.146
The system returned:
(92) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)
Handshake with SSL server failed: error: 14077410: SSL routines: SSL23_GET_SERVER_HELLO: sslv3 alert handshake failureThis proxy and the remote host failed to negotiate an acceptable security configuration between them to fulfill your request. It is possible that the remote host does not support secure connections or that the proxy is not satisfied with the host security credentials.
Has anyone had this problem?
-
The system returned:
(92) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)
Handshake with SSL server failed: error: 14077410: SSL routines: SSL23_GET_SERVER_HELLO: sslv3 alert handshake failureSSL V2 and V3 are long broken and should no longer be used on servers and clients. So disable it on pfSense and advise your users to use up to date browsers.
If there are still websites that rely on SSL V2/3 then you could try to contact their operators or stop using them.
-
I would be very glad to learn how you have successfuly configured transparent HTTP (S) proxy along with AD (which I translate as "authentication")