OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Proxy server error
« previous next »
  • Print
Pages: [1]

Author Topic: Proxy server error  (Read 9616 times)

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
Proxy server error
« on: June 21, 2017, 02:52:18 pm »
Dear all,
we are using a Proxy server , some website can't be loaded even I added them to the white list the error keeps showing up.
we are running a Squid version 3.5.25 and https proxy

The following error was encountered while trying to retrieve the URL: https://192.116.242.10/*
Failed to establish a secure connection to 192.116.242.10
The system returned:
(92) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)
Handshake with SSL server failed: error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol
This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.


Can you please advise what to do to get this fixed ?
« Last Edit: June 21, 2017, 03:05:29 pm by Julien »
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
Re: Proxy server error
« Reply #1 on: June 28, 2017, 06:15:50 pm »
Any one ?
we have the SSL proxy off until someone can point me to the right directions.
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: Proxy server error
« Reply #2 on: June 28, 2017, 06:26:12 pm »
You should check the TLS settings and library (for example OpenSSL, GNUTLS) versions of the server. Your browser should tell you which version is used if you don't use the proxy.
Logged

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
Re: Proxy server error
« Reply #3 on: July 01, 2017, 12:41:56 am »
Quote from: fabian on June 28, 2017, 06:26:12 pm
You should check the TLS settings and library (for example OpenSSL, GNUTLS) versions of the server. Your browser should tell you which version is used if you don't use the proxy.
thank you for your answer
Can you please advise where exactly to check ?
much appreciate your support.
the errors now is

Code: [Select]
The following error was encountered while trying to retrieve the URL: https://195.8.209.120/*
Failed to establish a secure connection to 195.8.209.120
The system returned:
(92) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)
Handshake with SSL server failed: error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol
This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: Proxy server error
« Reply #4 on: July 01, 2017, 01:55:16 pm »
You should check the web server for the supported ciphers and TLS versions. If you navigate to it without the proxy, you can get into the menu showing it by clicking the lock icon in the address bar, then click ">" and click "more information". The should be some info under technical details. (Note: This explanation is Firefox only)
Logged

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
Re: Proxy server error
« Reply #5 on: July 02, 2017, 11:38:46 pm »
Quote from: fabian on July 01, 2017, 01:55:16 pm
You should check the web server for the supported ciphers and TLS versions. If you navigate to it without the proxy, you can get into the menu showing it by clicking the lock icon in the address bar, then click ">" and click "more information". The should be some info under technical details. (Note: This explanation is Firefox only)
the situation is happening with a lot of websites not only one.
I check them using TLS SSL but can't seem to troubleshoot the errors,
the only solutions now is to disable the proxy SSL until I can find a proper solution.
am I the only one with this error using the proxy server ?
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Proxy server error
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2