[jira] [Commented] (TS-3019) CONNECT (HTTP method) fails for TLS connections to itself

James Peach (JIRA) Tue, 16 Aug 2016 13:03:55 -0700

    [ 
https://issues.apache.org/jira/browse/TS-3019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15423293#comment-15423293
 ]


James Peach commented on TS-3019:
---------------------------------

This might be related to ATS sending the SNI extension on the TLS server 
session or the curl version not sending it.\. As recently as 2 months ago I was 
able to use the lua plugin to get a CONNECT method to do TLS termination in the 
same ATS process.

> CONNECT (HTTP method) fails for TLS connections to itself  
> -----------------------------------------------------------
>
>                 Key: TS-3019
>                 URL: https://issues.apache.org/jira/browse/TS-3019
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: Core, SSL
>            Reporter: Igor Brezac
>             Fix For: sometime
>
>
> To duplicate the issue setup an https map.  Something like:
> map https://www.example.com/ some_origin
> curl -v -p -x ats:1080 https://www.example.com/
> ...
> < HTTP/1.1 200 OK
> < Date: Fri, 15 Aug 2014 15:12:43 GMT
> < Proxy-Connection: close
> <
> * Proxy replied OK to CONNECT request
> * successfully set certificate verify locations:
> *   CAfile: none
>   CApath: /etc/ssl/certs
> * SSLv3, TLS handshake, Client hello (1):
> * error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
> * Closing connection #0
> curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (TS-3019) CONNECT (HTTP method) fails for TLS connections to itself

Reply via email to