Squid-reverse with SSL on 443



  • I am having issues getting the squid reverse working on the HTTPS port of 443. In the config if I specify something else like port 9999 for my HTTPS then it works just fine. I think there must be something wrong or some conflict on 443 and pfsense:

    Here is my config for squid:

    
    CONFLUENCE;192.168.1.128;9443;HTTPS
    
    CONF;*;conf.mydomain.com
    
    CONFLUENCE;CONF
    
    

    I have a firewall rule in place for port 80 and 443 to send to the WAN address

    When I try to access https://conf.mydomain.com from the internet (outside my network) I get this message displayed in my browser:

    
    ERROR
    
    The requested URL could not be retrieved
    
    While trying to retrieve the URL: https://www.mydomain.com
    
    The following error was encountered:
    
    Access Denied.
    Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
    
    

    I checked the console access log and I see:

    
    1332123810.815      0 74.82.64.144 TCP_DENIED/403 1430 GET https://www.mydomain.com - NONE/- text/html
    
    

    I can't figure out why it falls back from "conf.mydomain.com" to my FQDN "www.mydomain.com"

    If I simply change the SSL port to 9999 in squid and in the firewall the setup works just fine. But I don't want to have to specify port in the address.

    Any ideas?



  • No ideas?



  • Hi

    Do you have a port redirection for 443 going to a webserver already in your nat rules ?


Log in to reply