Netgate Discussion Forum

Squid3 not starting with ssl interception enabled

    mark81
    last edited by Sep 25, 2015, 9:21 PM

    Hi,

    I have a working setup with squid3 & antivirus. When I enable ssl interception and restart my firewall squid3 doesn't start.
    If I disable ssl interception and restart all works well.

    I'm not sure how I can troubleshoot this. Hope somebody can help.

    Thanks!

      doktornotor Banned
      last edited by Sep 26, 2015, 5:55 PM

      No one will help without the logs.

        mark81
        last edited by Sep 27, 2015, 2:05 PM

        I understand. Which logs do I need to provide? Sorry, I'm really new with the product and all of the features.

          thermo
          last edited by Sep 27, 2015, 11:07 PM

          /var/squid/log/cache.log

            mark81
            last edited by Sep 29, 2015, 12:58 PM

            OK, it now seems I'm completely blind. When monitoring the squid log with tail -f /var/squid/log/cache.log, nothing happens when enabling ssl interception and restarting squid service. The service doesn't start and no new lines are logged to the cache.log. When disabling ssl interception and restarting squid I see new lines logged just fine.

            My settings for the ssl interception part are:

            Enable SSL filtering : enabled
            SSL Interception interfaces: 2 interfaces (1 bridged interface, 1 normal interface) - same settings on transparent http proxy which works
            ssl proxy port empty
            CA - my internal root CA which is trusted on all my devices and imported (of course) in pfsense

            Rest of the settings are all default. No modifications to sslcrtd children, remote cert checks or certificate adapt.

            What am I doing wrong?

            Kind regards,

            Mark

              KOM
              last edited by Sep 29, 2015, 2:07 PM

              What am I doing wrong?

              Well, you should be looking in access.log for squid's web activity.  Cache.log is a service status log.

                mark81
                last edited by Sep 30, 2015, 7:35 AM

                But if the service doesn't start after ssl interception, is the access log any good?

                  KOM
                  last edited by Sep 30, 2015, 1:47 PM

                  I misunderstood your issue.  Doktornotor has made a bunch of changes to Squid.  You may want to jettison what you had and try again with the fixed updates.  Also, seriously consider getting rid of SSL Interception via Transparent mode.  Explicit proxy works much better with less fussing around.

                    doktornotor Banned
                    last edited by Sep 30, 2015, 1:49 PM

                    Yeah, definitely retry with 0.3.6 (or later) package. And +1 on the MITM thing.

                      ernanijr
                      last edited by Mar 9, 2016, 1:25 AM Mar 9, 2016, 1:15 AM

                      @mark81:

                      Hi,

                      I have a working setup with squid3 & antivirus. When I enable ssl interception and restart my firewall squid3 doesn't start.
                      If I disable ssl interception and restart all works well.

                      I'm not sure how I can troubleshoot this. Hope somebody can help.

                      Thanks!

                      Same thing does not start when I enable ssl…...
