Squid-reverse with SSL on 443

  • I am having issues getting the squid reverse working on the HTTPS port of 443. In the config if I specify something else like port 9999 for my HTTPS then it works just fine. I think there must be something wrong or some conflict on 443 and pfsense:

    Here is my config for squid:


    I have a firewall rule in place for port 80 and 443 to send to the WAN address

    When I try to access https://conf.mydomain.com from the internet (outside my network) I get this message displayed in my browser:

    The requested URL could not be retrieved
    While trying to retrieve the URL: https://www.mydomain.com
    The following error was encountered:
    Access Denied.
    Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

    I checked the console access log and I see:

    1332123810.815      0 TCP_DENIED/403 1430 GET https://www.mydomain.com - NONE/- text/html

    I can't figure out why it falls back from "conf.mydomain.com" to my FQDN "www.mydomain.com"

    If I simply change the SSL port to 9999 in squid and in the firewall the setup works just fine. But I don't want to have to specify port in the address.

    Any ideas?

  • No ideas?

  • Hi

    Do you have a port redirection for 443 going to a webserver already in your nat rules ?

Log in to reply