Why does squid returns header error with ssl_bump configuration?
Issue
-
Why does squid returns header error with ssl_bump configuration? Disabling ssl-bump does not show the error.
For example, the particular site returns following header error with ssl-bump feature.26 2015/02/03 12:56:03 kid1| ctx: enter level 0: 'https://example.com/crossdomain.xml' 27 2015/02/03 12:56:03 kid1| WARNING: HTTP header contains NULL characters {Date: Tue, 03 Feb 2015 03:57:20 GMT 28 X-Content-Type-Options: nosniff 29 X-XSS-Protection: 1; mode=block 30 X-Frame-Options: SAMEORIGIN 31 Access-Control-Allow-Origin: * 32 Last-Modified: Wed, 04 Jun 2014 01:04:28 GMT 33 Accept-Ranges: bytes 34 Vary: Accept-Encoding 35 Content-Encoding: gzip 36 Content-Length: 252 37 Content-Type: application/xml 38 Age: 0 39 Connection: keep-alive 40 Strict-Transport-Security: max-age=15552000; includeSubDomains} 41 NULL <--- NULL is HERE 42 {Date: Tue, 03 Feb 2015 03:57:20 GMT 43 X-Content-Type-Options: nosniff 44 X-XSS-Protection: 1; mode=block 45 X-Frame-Options: SAMEORIGIN 46 Access-Control-Allow-Origin: * 47 Last-Modified: Wed, 04 Jun 2014 01:04:28 GMT 48 Accept-Ranges: bytes 49 Vary: Accept-Encoding 50 Content-Encoding: gzip 51 Content-Length: 252 52 Content-Type: application/xml 53 Age: 0 54 Connection: keep-alive 55 Strict-Transport-Security: max-age=15552000; includeSubDomains 56 2015/02/03 12:56:03 kid1| ctx: exit level 0 57 2015/02/03 12:56:03 kid1| WARNING: HTTP: Invalid Response: Bad header encountered from https://example.com/crossdomain.xml AKA example.com/crossdomain.xml
Environment
- Red Hat Enterprise Linux 6
- squid with ssl-bump configuration
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
