Friday, February 5, 2010

Send an HTTPS request via a proxy which is chained to another proxy using SSL

I am trying to send an HTTPS request via a proxy which is chained to another proxy by setting cache_peer ssl in the first proxy and https_port in the second proxy. The upstream proxy gives me this error:
2010/02/05 16:31:39| clientNegotiateSSL: Error negotiating SSL connection on FD 21: error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request (1/-1)

This is the error defined in the OpenSSL library: SSL_R_HTTPS_PROXY_REQUEST.

Some background on how HTTPS via a proxy works:
(1) The browser sends a CONNECT request to the proxy.
(2) The proxy opens a connection to port 443 on the HTTPS web server.
(3) The proxy then sends an "HTTP/1.0 200 connection established" response to the browser.
(4) From this point on, all messages are relayed over this connection.

In our case the upstream is also a proxy, so the first proxy forwards "CONNECT xxx:443 HTTP/1.0 ...." to the upstream proxy directly. That is not SSL traffic, so the upstream, which expects an SSL handshake on its https_port, rejects it.
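To make the failure concrete, here is an added example (not part of the original post) that decodes the packed OpenSSL error code from the log line above and classifies the first bytes a TLS-only listener such as an https_port receives. It assumes the pre-3.0 OpenSSL error-code packing (8-bit library, 12-bit function, 12-bit reason); the host name example.test, the ClientHello prefix and the function names are constructed for illustration.

```python
import re

# Log line as quoted in the post; the two payloads below are constructed samples.
LOG_LINE = ("2010/02/05 16:31:39| clientNegotiateSSL: Error negotiating SSL "
            "connection on FD 21: error:1407609B:SSL routines:"
            "SSL23_GET_CLIENT_HELLO:https proxy request (1/-1)")
PLAINTEXT_CONNECT = b"CONNECT example.test:443 HTTP/1.0\r\n\r\n"
TLS_HELLO_PREFIX = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01])  # handshake record


def decode_openssl_error(line):
    """Split an 'error:XXXXXXXX:lib:func:reason' string into its fields."""
    m = re.search(r"error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):(.*?)(?: \(|$)", line)
    if not m:
        return None
    code = int(m.group(1), 16)
    return {
        "lib": (code >> 24) & 0xFF,     # 0x14 is the SSL library
        "func": (code >> 12) & 0xFFF,   # function that raised the error
        "reason": code & 0xFFF,         # reason code within that library
        "func_name": m.group(3),
        "reason_text": m.group(4).strip(),
    }


def classify_first_bytes(data):
    """Say what kind of first flight arrived on a TLS-only listener."""
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls-handshake"             # SSLv3/TLS record, type handshake
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x01:
        return "sslv2-client-hello"        # 2-byte length header, msg type 1
    if data.startswith(b"CONNECT"):
        return "plaintext-proxy-connect"   # what the post's upstream received
    if data.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"PUT"):
        return "plaintext-http"
    return "unknown"


def diagnose(line):
    """Map the OpenSSL reason text in a log line to the likely misconfiguration."""
    err = decode_openssl_error(line)
    if err and err["reason_text"] == "https proxy request":
        return "peer sent a plaintext CONNECT to a TLS listener"
    if err and err["reason_text"] == "http request":
        return "peer sent plaintext HTTP to a TLS listener"
    return "no match"


if __name__ == "__main__":
    print(decode_openssl_error(LOG_LINE))
    print(classify_first_bytes(PLAINTEXT_CONNECT), "->", diagnose(LOG_LINE))
```

A listener that logs the classification alongside the peer address makes it easy to spot which downstream proxy is talking plaintext to the SSL port.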




