[squid-users] "Stable" (non-experimental) SSL support in Windows version? Or anyone use Squid with stunnel?

From: Bucci, David G <david.g.bucci_at_lmco.com>
Date: Thu, 26 Aug 2010 14:16:38 -0400

Hi - I'm starting to experience issues with SSL support in the Squid version I d/l'ed from Acme Consulting. I picked the 2.7 STABLE8 version, as being the closest to what I see recommended as the tagline in Amos' emails.

The error that I'm experiencing is an abort on the server side, with a Windows event entry listing error message "OPENSSL_Uplink(100EB010,07): no OPENSSL_Applink". Googling that, all I find is the maintainer of the Acme Windows Squid package pointing out that that's why SSL is labeled "experimental".

I checked, and ALL of the versions from Acme have this disclaimer. (not casting blame)

So ... does anyone know of a Windows version of Squid that's in wide use, using SSL, and known to be stable? For our purposes, it would need to run on Windows Server 2008.

Or alternatively ... has anyone used Squid with something like stunnel on both cache machines between Squid instances in a cache hierarchy, to encrypt the connection? And, ideally, have you used it in this fashion with both of the Squid/stunnel instances running on Windows? I'm concerned that the HTTP semantics change would break something - that setting the cache_peer on the PC squid to 127.0.0.1:stunnel_port would somehow mess up the parent peer being accessed, when it parses the request sent to it by its own local stunnel instance.

This all relates to the discussion here over the last month on "wrapping" a piece of software whose client and server portions run only on Windows, but which we can't add SSL support to ... we need to impose encryption on the connection. We could just use stunnel directly, but then the HTTP headers would be affected, and we're concerned there's app functionality that would be affected on the server side. So we don't want to change the URL endpoints being accessed all to localhost:stunnel_port, we need the HTTP header semantic "cleanliness" of proxy-based interception.

----
David G. Bucci
Lockheed Martin IS&GS, Gaithersburg MD
Received on Thu Aug 26 2010 - 18:16:56 MDT
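
The child-to-parent layout asked about in this message, sketched as configuration. This is an added example, not part of the original post and not a tested Windows setup; the host name, ports and certificate file names are placeholders. stunnel relays the TCP byte stream unchanged, so the parent Squid receives the same proxy-form requests the child sent, but every connection reaches it from 127.0.0.1, so peer identity has to be enforced by stunnel certificate checks rather than by Squid `src` ACLs.

```conf
# ---- child cache: stunnel.conf (client mode) ----
client  = yes
cert    = child-cert.pem          # placeholder: client cert presented to the parent
key     = child-key.pem
CAfile  = private-ca.pem          # placeholder: CA that signed the parent's cert
verify  = 2                       # reject the parent unless its cert chains to CAfile

[to-parent]
accept  = 127.0.0.1:3129          # local plaintext side, loopback only
connect = parent.example.internal:3443

# ---- child cache: squid.conf ----
# The parent is addressed through the local stunnel listener.
cache_peer 127.0.0.1 parent 3129 0 no-query default name=tls_parent
never_direct allow all            # never bypass the encrypted hop

# ---- parent cache: stunnel.conf (server mode) ----
cert    = parent-cert.pem
key     = parent-key.pem
CAfile  = private-ca.pem
verify  = 2                       # require a client cert: this is the peer authentication

[from-children]
accept  = 3443                    # TLS side, reachable by child caches
connect = 127.0.0.1:3128          # hands plaintext HTTP to the local Squid

# ---- parent cache: squid.conf ----
http_port 127.0.0.1:3128          # plaintext listener is not exposed off-host
acl from_stunnel src 127.0.0.1/32 # all tunnelled children look like this address
http_access allow from_stunnel
http_access deny all
```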
