As soon as I install Squid3, https does not work anymore



  • As soon as I install Squid3, https does not work anymore…

    Even if i set "dns_v4_first on;" in custom options, as son as squid3 service starts, i cannot even log into the pfsense web configurator that i always keep in https mode.

    If i set the pfsense web configurator in http, i will still be able to access the pfsense web configurator but clients cannot access https pages anyways.

    It was working, then later with new releases it stopped working, then it worked again after someone fixed something in squid3 and now again with the latest reléase, as of December 30th, it does not work anymore.

    Even if i set no custom options at all, leaving everything by default i cannot access https stuff.

    I will try with lusca cache or squid 2.7 but i really wanted to move on to newer squid releases but i cannot live with this permanent https issues.

    After modding as much as i could squid3 i made it work with https pages but it was caching stuff from users and mixing it with other users. For example a guy was logging in into someone else's Facebook without being able to log in into their own account.

    I now how much Facebook security sucks, but´sadly it´s the most visited website in my network and it Works fine only until i install squid3.

    Hopefully someone can fix this squid3 issue and help me and others as well..

    regards



  • @quetzalcoatl:

    Even if i set "dns_v4_first on;" in custom options,

    This option is on gui, no need for custom options. Enable it and see if something changes.

    I use squid3 and I do not see this error on https with dns_v4_first option enabled.



  • Great. I didn't noticed that dns v4 first check box.
    Now i'm using it and it works fine but…......

    If wan is a pppoe connection squid still does not work.

    If i keep wan as static ip with static gateway, squid works properly.

    There is some problem with squid not working at all with pppoe wans.

    Also if i want squid to start caching for real, i have to disable caching for dynamic content.



  • @quetzalcoatl:

    If wan is a pppoe connection squid still does not work.

    I have squid3 with pfsense 2.0.2 and pppoe working without issues.  ???

    @quetzalcoatl:

    Also if i want squid to start caching for real, i have to disable caching for dynamic content.

    It's a Know issue. The dynamic content acls was implemented based on squid3 wiki page, it needs fixes/improvements.


Locked