trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Carroll <solidwallofc...@verizonmedia.com>
Subject Re: Cannot proxy to site HTTPS on port 8443
Date Thu, 21 Feb 2019 21:15:48 GMT
Yes, that's a common use case.

On Thu, Feb 21, 2019 at 3:11 PM Eric Chaves <eric@uolet.com> wrote:

> Hi Susan, that whats it, thanks!
>
> Out of curiosity, I'm not yet very familiar to ATS (and remap), but would
> it be possible to setup ATS in a way where my clients would request URI
> using HTTP and ATS requesting to origin with HTTPS (so I can log request
> and responses)?
>
> For example, client would request http://some-site:8443/app?wsdl to ATS
> and ATS would actually perform http://some-site:8443/app?wsdl.
>
> Thanks again for your help.
>
> Em qui, 21 de fev de 2019 às 17:42, Susan Hinrichs <shinrich@apache.org>
> escreveu:
>
>> If you are proxying through ATS instead of terminating the TLS on the ATS
>> box, you will need to update the set of allowed connect_ports
>>
>> proxy.config.http.connect_ports
>>
>>
>>
>> https://docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html?highlight=connect_ports#proxy.config.http.connect_ports
>>
>> On Thu, Feb 21, 2019 at 1:23 PM Eric Chaves <eric@uolet.com> wrote:
>>
>>> Hi folks,
>>>
>>> I've successfully configured an ATS instance working as forward proxy
>>> for my services. My client applications are successfully using the proxy to
>>> reach sites running on standard HTTP ports (80 and 443) but when I try to
>>> reach a site in non standard site (ie
>>> https://some-domain:8443/index.html) I receive an error " Received HTTP
>>> code 403 from proxy after CONNECT". The HTTP response headers are:
>>>
>>> HTTP/1.1 403 Tunnel Forbidden
>>> Date: Thu, 21 Feb 2019 19:20:27 GMT
>>> Proxy-Connection: keep-alive
>>> Server: ATS/8.0.2
>>> Cache-Control: no-store
>>> Content-Type: text/html
>>> Content-Language: en
>>> Content-Length: 207
>>>
>>> If I ssh into the proxy host and perform a simple curl to the site
>>> destination (ie curl https://some-domain:8443/index.html) I
>>> successfully reach it, so I assume I'm missing something in ATS
>>> configuration.
>>>
>>> Any idea what I could be doing wrong?
>>>
>>> Best regards,
>>>
>>> Eric
>>>
>>

Mime
View raw message