Hello, I thought curl did actually sent SSL, but it seems it's not because I don't see any SSL Handshake in curl output :-/
I guess curl tries to use HTTP tunnel even if I specify a HTTPS proxy with export https_proxy="https://my_proxy:443/"; or using commandline option -x/--proxy with same value. Will dig into it, Regards, Jean-Baptiste On 09/10/2013 19:48, James Peach wrote: > On Oct 9, 2013, at 9:25 AM, Jean Baptiste Favre <[email protected]> wrote: > >> Hello James, >> Thanks for your quick reply. >> >> I added following line into ssl_multicert.config: >> dest_ip=* ssl_cert_name=cert.pem ssl_key_name=key.pem >> >> Then run /usr/bin/traffic_server -T ssl and get these logs when >> launching curl command: >> >> Server {0x7ffebb655700} DEBUG: (ssl) [SSLNextProtocolAccept:mainEvent] >> event 202 netvc 0x22574d0 >> Server {0x7ffebb655700} DEBUG: (ssl) IP context is (nil), default >> context 0x7ffebc0a5170 >> Server {0x7ffebb655700} DEBUG: (ssl) >> SSLNetVConnection::sslServerHandShakeEvent, error >> Server {0x7ffebb655700} ERROR: SSL ERROR: SSL_ServerHandShake. >> Server {0x7ffebb655700} ERROR: SSL::5:error:1407609B:SSL >> routines:SSL23_GET_CLIENT_HELLO:https proxy request:s23_srvr.c:423: >> Server {0x7ffebb655700} DEBUG: (ssl) >> SSLNetVConnection::sslServerHandShakeEvent, error >> Server {0x7ffebb655700} ERROR: SSL ERROR: SSL_ServerHandShake. >> Server {0x7ffebb655700} ERROR: SSL::5:error:1407609B:SSL >> routines:SSL23_GET_CLIENT_HELLO:https proxy request:s23_srvr.c:423: >> >> Will continue debugging tomorrow, > > Are you positive that the curl command you are using is actually sending SSL, > rather than HTTP? > >> >> Regards, >> Jean-Baptiste
