I have pfsense running squid proxy and squid guard. It was working like charm until few days ago, after that all https traffic started to give the below error SSL_ERROR_RX_RECORD_TOO_LONG.
I have squid configured in transparent mode and splice all for https. I had a look around but I cannot find any useful info. Anyone experience something similar before
Thanks
Best Answer
I have the same issue. pfsense version 2.4.4-RELEASE (amd64). Package: squid 0.4.44_6 in transparent mode with "Splice All" method. No other packages installed except LightSquid only. Nothing selected in squid for "Remote Cert Checks" and also nothing for "Certificate Adapt". Important to highlight is that in general my setup is working pretty fine since one month with two access points and around 30 different end-user devices on the network. Most of the users are generating primarily HTTPS traffic. The above mentioned error "SSL_ERROR_RX_RECORD_TOO_LONG" is shown only sporadically, from time to time, not every day, on a fully random basis. For example I got it today when I was writing one ebay message to another user. As soon as I pressed on the Submit-button - I got the error page and lost the text. Refreshing the page multiple times resulted in the same error. Then I waited a couple of minutes and everything worked fine again without me changing or doing anything about it. I was able to type in again my text from a scratch again and sent it with success a few seconds later. Interesitng observation: despite the error page shown at my first attempt, it seems that the first message was sent after all, so at the end of the story I had apparently sent it twice. I guess that this very unusual behavior will be difficult to debug, as in general everything works fine most of the time.