Ok, I redirected port 443 to proxy via iptables. Now the message connect disapear. I can see in wireshark the connection is redirected correctly. But when I try to connect via https:
wget -4 https://www.google.com --2015-05-06 13:12:07-- https://www.google.com/ Resolving www.google.com (www.google.com)... 173.194.116.243, 173.194.116.244, 173.194.116.240, ... Connecting to www.google.com (www.google.com)|173.194.116.243|:443... connected. OpenSSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure Unable to establish SSL connection. And in log of traffic server: [May 6 13:12:07.306] Server {0x7f6a043c4700} DEBUG: (ssl) [SSLNextProtocolAccept:mainEvent] event 202 netvc 0x624ace0 [May 6 13:12:07.306] Server {0x7f6a043c4700} DEBUG: (ssl) IP context is (nil) for [10.0.133.70:37431] -> [10.0.22.59:8090], default context 0x7f6a1804a3b0 [May 6 13:12:07.306] Server {0x7f6a043c4700} DEBUG: (ssl) ssl_callback_info ssl: 0x6307c30 where: 16 ret: 1 [May 6 13:12:07.306] Server {0x7f6a043c4700} DEBUG: (ssl) ssl_callback_info ssl: 0x6307c30 where: 8193 ret: 1 [May 6 13:12:07.306] Server {0x7f6a043c4700} DEBUG: (ssl) ssl_servername_callback ssl=0x6307c30 ad=112 server=www.google.com handshake_complete=0 [May 6 13:12:07.306] Server {0x7f6a043c4700} DEBUG: (ssl) ssl_servername_callback using SSL context 0x7f6a1804a3b0 for requested name 'www.google.com' [May 6 13:12:07.307] Server {0x7f6a043c4700} DEBUG: (ssl) ssl_callback_info ssl: 0x6307c30 where: 16392 ret: 552 [May 6 13:12:07.307] Server {0x7f6a043c4700} DEBUG: (ssl) ssl_callback_info ssl: 0x6307c30 where: 8194 ret: -1 [May 6 13:12:07.307] Server {0x7f6a043c4700} DEBUG: (ssl) ssl_callback_info ssl: 0x6307c30 where: 8194 ret: -1 [May 6 13:12:07.307] Server {0x7f6a043c4700} DEBUG: (ssl) SSL::140093314320128:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1361: peer address is 10.0.133.70 [May 6 13:12:07.307] Server {0x7f6a043c4700} DEBUG: <SSLNetVConnection.cc:941 (sslServerHandShakeEvent)> (ssl) SSL handshake error: SSL_ERROR_SSL (1), errno=0 [May 6 13:12:07.307] Server {0x7f6a043c4700} DEBUG: <SSLNetVConnection.cc:1037 (sslServerHandShakeEvent)> (ssl) SSLNetVConnection::sslServerHandShakeEvent, SSL_ERROR_SSL errno=0 But I can see in wireshark only tcp packets with SYN,ACK,PSH,FIN. No ssl client hello packet. When I try to redirect traffic of 443 through non-ssl port of traffic server. Everything seems to be ok. Do you have any idea how solve this issue? Thanks for answer.
