Squid Server configuration problems encountered (80/443)

These days because the company needs to study squid, squid support SSL, the main problems encountered in the configuration Https_port, the following is the problem encountered and solutions, the solution does not necessarily apply to your environment but can refer to:), please give valuable advice.

1> The following error occurred:  

Invalid Request

Invalid request

Some aspect of the HTTP Request is invalid. Possible problems:

Some aspects of the HTTP request are not valid. May be the following issues:

Missing or Unknown request method

Missing request mode or unknown request mode

Missing URL

Missing URLs

Missing HTTP Identifier (http/1.0)

Missing HTTP identifier (http/1.0)

Request is too large

Request command too long

Content-length missing for POST or PUT requests

POST or PUT request missing content length

illegal character in hostname; Underscores is not allowed

The host name contains illegal characters, and underscores are not allowed.

Answer: Add defaultsite=www.abc.com after https_port

2 "443 Port not listening

Answer: The certificate is not correct, please generate a certificate that can

Additional 1: Use the following command to generate a certificate for the test:

OpenSSL req-new-keyout key.pem-nodes-x509-days 365-out Cert.pem

Additional 2: If you want to generate a certificate request to apply for a formal certificate, use the following two commands:

(1), generate private key OpenSSL genrsa-out Key.pem 1024
(2), generate a certificate to be signed OpenSSL req-new-out Req.csr-key KEY.PEM

The contents of the REQ.CSR file are then submitted to the certification authority.

3"Unable to forward " This request at this time

Answer:

Add the following line to the configuration

Cache_peer www.abc.com Parent 0 no-query Originserver

For the convenience of the comparison I posted my configuration file for your reference

Http_port Transparent
https_port 443 Defaultsite=www.abc.com Cert=/usr/local/squid/zcxcert.pem Key=/usr/local/squid/zcxkey.pem
Icp_port 0
Hierarchy_stoplist Cgi-bin?
ACL QUERY Urlpath_regex cgi-bin \? \.aspx \.ashx \.asmx
Cache Deny QUERY
ACL Apache Rep_header Server ^apache
Broken_vary_encoding Allow Apache
Cache_mem MB
Cache_swap_low 90
Cache_swap_high 95
Maximum_object_size 8192 KB
Maximum_object_size_in_memory KB
Cache_dir Ufs/usr/local/squid/var/cache 2048 16 256
#access_log/usr/local/squid/var/logs/access.log Common
Access_log None
Cache_log/usr/local/squid/var/logs/cache.log
#cache_store_log/usr/local/squid/var/logs/store.log
Cache_store_log None
Emulate_httpd_log on
Pid_filename/usr/local/squid/var/logs/squid.pid
Hosts_file/etc/hosts
Refresh_pattern ^ftp:1440 20% 10080
Refresh_pattern ^gopher:1440 0% 1440
Refresh_pattern. 0 20% 4320
Half_closed_clients off
ACL all src 0.0.0.0/0.0.0.0
ACL myip src 21.142.17.170 21.24.82.35
ACL manager Proto Cache_object
ACL localhost src 127.0.0.1/255.255.255.255
ACL To_localhost DST 127.0.0.0/8
ACL 252 DST 21.238.23.252
ACL 251 DST 21.238.23.251
ACL 233 DST 21.238.23.233
ACL 237 DST 21.238.23.237
ACL 234 DST 21.238.23.234
ACL ssl_ports port 443
ACL safe_ports Port # http
ACL safe_ports Port # FTP
ACL safe_ports Port 443 # HTTPS
ACL safe_ports Port # Gopher
ACL safe_ports Port # WAIS
ACL safe_ports Port 1025-65535 # unregistered ports
ACL safe_ports Port 280 # HTTP-MGMT

ACL safe_ports Port 488 # gss-http
ACL safe_ports Port 591 # FileMaker
ACL safe_ports Port 777 # multiling HTTP
ACL Connect method Connect
Http_access allow manager localhost
Http_access Allow manager Myip
Http_access Allow 252
Http_access Allow 251
Http_access Allow 233
Http_access Allow 237
Http_access Allow 234
Http_access Deny Manager
Http_access Deny! Safe_ports
Http_access Deny CONNECT! Ssl_ports
Http_access Deny All
Http_reply_access Allow all
Icp_access Allow all
Cache_mgr[email protected]
Cache_effective_user Nobody
Cache_effective_group Nobody
Visible_hostname squid72
Logfile_rotate 4
Forwarded_for on
Allow_underscore on
Request_body_max_size 0 KB
Coredump_dir/usr/local/squid/var/cache
Cache_peer www.abc.com Parent 0 no-query Originserver

4 "Start squid when prompted:" fatal:bungled squid.conf Line Xxx:cache_dir ufs/path/cache 256 16 256
Squid Cache (Version 2.5.stable13-xxxxxxxx):: Terminated abnormally. "

Answer: found that because the storage cache is AUFS, enabling this format must be compiled squid with async-io support, so recompile squid, plus async-io support

./configure–enable-async-io

If Cache_dir is not a ufs but a aufs, you need to add the parameter –enable-storeio=aufs and then make;make install

Start squid again and it's OK.

5" increase squid can use the file descriptor Answer:in Redhat AS4 (that is, kernel-2.6.9), the file descriptor is enlarged in the following way:Extract the Squid source package you downloaded# tar zxvf squid-2.6.stable XX. tar.gz (x = version number) # CD squid-2.6.stable xx# ulimit-hn 16384 (16384 This value increases or decreases according to your needs) #./con figure# make# make install edit squid.conf to let squid use the number of file descriptors that have been set at compile time before you start the squid. # Ulimit-hn 16384 (16384 This value is set at the root of the Configure) and then starts the squid so it increases.squid can be used for file descriptors 6 "Ignore no-cache,reload instructions Answer:Unzip the squid source package you downloaded, add it in squid.confRefresh_pattern-i wdsl\.test\.cn 1440 50% 10080 ignore-reload Ignore-no-cache

Things to note:
1>. This line will be placed in
Refresh_pattern. 0 20% 4320

2>. In. (dot) Before you add a slash

Squid Server configuration problems encountered (80/443)