Re: Problem connecting to HTTPS site via HTTPS proxy
Date: Wed, 29 Jan 2020 19:02:33 -0500
On 1/29/2020 4:54 PM, Jim B. via curl-users wrote:
> On 1/29/2020 10:19 PM, Ray Satiro via curl-users wrote:
>> On 1/29/2020 12:21 PM, Jim B. via curl-users wrote:
>>> * Proxy replied 200 to CONNECT request
>>> * CONNECT phase completed!
>>> * ALPN, offering h2
>>> * ALPN, offering http/1.1
>>> * TLSv1.2 (OUT), TLS handshake, Client hello (1):
>>> * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to
>>> * Closing connection 0
>>> * TLSv1.2 (OUT), TLS alert, Client hello (1):
>>> curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to
>> Bluecoat is probably playing mitm and drops the connection. Does it
>> happen with all https websites? Do you have the same problem when you
>> use a transfer tool other than curl?
> As a matter of fact I'm not sure if Bluecoat supports this at all. But
> there is no reason why it should not. The outer connection should have
> nothing to do with whatever is going on inside (http or https via
> tunnel (CONNECT)). It is currently configured as a HTTPS Reverse Proxy
> on port 443. That's the only mode where it does not seem to be doing
> any interception. But yeah, that is usually used to forward external
> connections to some internal service, and not the other way round.
> I haven't tried all HTTPS websites :) but I have found none that would
> As far as the client goes I haven't tried a client other than Curl,
> no. Curl is kind of the reference. Most browsers don't even allow to
> configure a HTTPS proxy (using their GUI at least), usually one has to
> use PAC file magic or so. Usually they also choke at the first sign of
> trouble with certificates. Before I tackle that (looking for more
> problems) I'd like to confirm it is basically working first.
This sounds like it has to do with the way you configured your proxy. I
suggest ask Bluecoat for help.