TR: TR: [squid-users] https analyze, squid rpc proxy to rpc proxy ii6 exchange2007 with ntlm

From: Clem <clemfree_at_free.fr>
Date: Thu, 8 Mar 2012 14:08:46 +0100

Ok Amos so we go back to same issues, as I said you I have tested all I
could with the latest 3.2 beta versions before.

So I'm going back to the type-1 ntlm message issue (see my last messages
with this subject)

And my last question was :

> I think the link SQUID -> IIS6 RPC PROXY is represented by the
> cache_peer line on my squid.conf, and I don't know if
> client_persistent_connections
and
> server_persistent_connections parameters affect cache_peer too ?
>
> Dunno what to do now ...

-----Message d'origine-----
De : Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Envoyé : jeudi 8 mars 2012 13:54
À : squid-users_at_squid-cache.org
Objet : Re: TR: [squid-users] https analyze, squid rpc proxy to rpc proxy
ii6 exchange2007 with ntlm

On 9/03/2012 1:21 a.m., Clem wrote:
> Back to send my feed back after testing proxy rpc via ntlm and squid
3.1.19,
> the main problem is I can't force sauid to use http1.1, in https analyzer
I
> can see squid is http1.0.
>
> How can I force squid 3.1.19 to use http1.1 ?

3.1 series still sends HTTP/1.0 when communicating to clients because
there are some critical HTTP features that are not supported in the 3.1
code (1xx status code handling being the major one). It is very likely
the RPC software will attempt to use these features to work around NTLM
issues if 1.1 is advertised by Squid. If that happens things go bad fast.

If that 1.1 is the blocker requirement for RPC + HTTPS , then the only
answer is to use 3.2 series. 3.2.0.16 is looking very good so far
despite its beta status. So you might be able to use it.

Amos
Received on Thu Mar 08 2012 - 13:08:52 MST

This archive was generated by hypermail 2.2.0 : Thu Mar 08 2012 - 12:00:02 MST