Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-274

UA side SSL support in forward proxy

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: 2.1.0, 2.0.0a
    • Fix Version/s: None
    • Component/s: SSL
    • Labels:
    • Environment:

      Debian, Linux 2.6.18 32-bit

      Description

      Using self-signed SSL certificates, which are in the correct paths under $prefix, and giving no startup errors, I get the following error when making a request through the proxy :

      Mar 24 14:35:09 www traffic_server[27926]: {1146895248} ERROR: SSL ERROR: SSL_ServerHandShake.
      Mar 24 14:35:09 www traffic_server[27926]: {1146895248} ERROR: SSL::5:error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request:s23_srvr.c:384:
      Mar 24 14:36:47 www traffic_server[27926]: {1146895248} ERROR: SSL ERROR: SSL_ServerHandShake.
      Mar 24 14:36:47 www traffic_server[27926]: {1146895248} ERROR: SSL::5:error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request:s23_srvr.c:379:
      

      The first of these two was from using Proxifier (Windows software) to connect to the server, the second is from using `curl -k -x $ip:443 http://google.com/`.

      The issue appears on the latest trunk version and the 2.0.x branch as of today when used in forward proxy mode.

      I have not personally tested in reverse proxy mode, but zwoop (Freenode IRC name) tested in reverse proxy mode, and reverse proxy mode worked only in the 2.0.x but not trunk.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              eugaia Marcus Clyne
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: