I am having squid proxy running on port 3128 with 2 nic
eth0:192.168.2.22 with internet access.
eth1:192.168.1.1 connected to LAN.
Every machines in LAN have ip in the range
192.168.1.0/24 through DHCP.
It includes both windows and Linux machines(Ubuntu 10.04).
All the windows machines can access HTTPS pages but none of the linux machine can access https page.
When a request is made for https from linux machines,its returning webpage not available.In the squid access log no "CONNECT" request is made when accessed from Linux machine.
What can be the reason?
Squid running: on ubuntu 12.04 64 bit
squid version:squid3-3.1.19
No access restriction is made in the default squid configuration other than enabling localnet to connect.
tried setting
export HTTP_PROXY=http://192.168.1.1:3128/ in bashrc
but still not able to acces any https pages.
env https_proxy=http://192.168.1.1:3128/ wget –debug https://google.com/
DEBUG output created by Wget 1.12 on linux-gnu.
--2012-10-26 13:45:47-- https://google.com/
Connecting to 192.168.1.1:3128... connected.
Created socket 3.
Releasing 0x08e0a430 (new refcount 0).
Deleting unused 0x08e0a430.
---request begin---
CONNECT google.com:443 HTTP/1.0
User-Agent: Wget/1.12 (linux-gnu)
---request end---
proxy responded with: [HTTP/1.0 200 Connection established
]
Initiating SSL handshake.
Handshake successful; connected socket 3 to SSL handle 0x08e0a678
certificate:
subject: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.google.com
issuer: /C=US/O=Google Inc/CN=Google Internet Authority
ERROR: certificate common name `*.google.com' doesn't match requested host name `google.com'.
To connect to google.com insecurely, use `--no-check-certificate'.
Closed 3/SSL 0x08e0a678
Best Answer
Did you forget to configure the HTTPS proxy in the Linux machines?