Why does squid returns header error with ssl_bump configuration?
Issue
-
Why does squid returns header error with ssl_bump configuration? Disabling ssl-bump does not show the error.
For example, the particular site returns following header error with ssl-bump feature.26 2015/02/03 12:56:03 kid1| ctx: enter level 0: 'https://example.com/crossdomain.xml' 27 2015/02/03 12:56:03 kid1| WARNING: HTTP header contains NULL characters {Date: Tue, 03 Feb 2015 03:57:20 GMT 28 X-Content-Type-Options: nosniff 29 X-XSS-Protection: 1; mode=block 30 X-Frame-Options: SAMEORIGIN 31 Access-Control-Allow-Origin: * 32 Last-Modified: Wed, 04 Jun 2014 01:04:28 GMT 33 Accept-Ranges: bytes 34 Vary: Accept-Encoding 35 Content-Encoding: gzip 36 Content-Length: 252 37 Content-Type: application/xml 38 Age: 0 39 Connection: keep-alive 40 Strict-Transport-Security: max-age=15552000; includeSubDomains} 41 NULL <--- NULL is HERE 42 {Date: Tue, 03 Feb 2015 03:57:20 GMT 43 X-Content-Type-Options: nosniff 44 X-XSS-Protection: 1; mode=block 45 X-Frame-Options: SAMEORIGIN 46 Access-Control-Allow-Origin: * 47 Last-Modified: Wed, 04 Jun 2014 01:04:28 GMT 48 Accept-Ranges: bytes 49 Vary: Accept-Encoding 50 Content-Encoding: gzip 51 Content-Length: 252 52 Content-Type: application/xml 53 Age: 0 54 Connection: keep-alive 55 Strict-Transport-Security: max-age=15552000; includeSubDomains 56 2015/02/03 12:56:03 kid1| ctx: exit level 0 57 2015/02/03 12:56:03 kid1| WARNING: HTTP: Invalid Response: Bad header encountered from https://example.com/crossdomain.xml AKA example.com/crossdomain.xml
Environment
- Red Hat Enterprise Linux 6
- squid with ssl-bump configuration
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
