The problem first came to my attention when it came time to renew our Vipre Enterprise Software. The software would not authenticate against Sunbelt Software's licensing server. I had several email and voice communications with their tech support with no success. Their consistent answer was that our firewall / content filter was stripping out something from SOAP Headers. I could not confirm this and they were unable to provide any additional information. They normally have outstanding support, I even have received a personal email from their President/CEO!
As a last ditch effort, I put a generic firewall in place, just long enough to license the software. When it successfully licensed, I knew it was my IPCop 1.4 Firewall.
The second issue came when licensing downloaded videos purchased through Amazon, specifically after downloading it to the Unbox Player. Just like the Vipre software, it appeared that the authentication with the licensing server never completed.
To be honest, I cannot remember what lead me to believe it was a Squid Proxy problem...but it certainly was at least with Squid 2.7. The logs repeated the following error at the end of the requesting line:
- NONE/- text/html
BTW, here is the one from Amazon (with the ip address removed) :
TCP_MISS/417 1807 POST http://www.amazon.com/gp/video/licensing.html/? - NONE/- text/html
Some people get a 417 Error, which is an Expectation Failed error.
After several hours of research and a touch of Google Luck, here is the answer. Place the following value at the end of your squid.conf file (or /var/ipcop/proxy/acl file in the case of IPCop):
ignore_expect_100 on
It is reported that this problem does not effect Squid 2.6 or the new Squid 3.x.
Problem solved! We no longer have issues licensing software that requires communication with a remote server.
