Can't connect to HTTPS host using proxy with http:// url scheme
$ wget2 -d https://encrypted.google.com -O wget2_https
11.180631.772 Local URI encoding = 'UTF-8'
11.180631.772 Input URI encoding = 'UTF-8'
11.180631.772 Fetched HSTS data from '/home/rootkea/.wget-hsts'
11.180631.772 Fetched HPKP data from '/home/rootkea/.wget-hpkp'
11.180631.772 add TLS session data for localhost (maxage=64800, size=1303)
11.180631.772 Fetched TLS session data from '/home/rootkea/.wget-session'
11.180631.772 Fetched OCSP hosts from '/home/rootkea/.wget-ocsp_hosts'
11.180631.772 Fetched OCSP fingerprints from '/home/rootkea/.wget-ocsp'
11.180631.773 *url = https://encrypted.google.com
11.180631.773 *3 https://encrypted.google.com
11.180631.773 host_add_job: job fname (null)
11.180631.773 host_add_job: 0x60800000bb10 https://encrypted.google.com
11.180631.773 host_add_job: qsize 1 host-qsize=1
11.180631.773 queue_size: qsize=1
11.180631.773 queue_size: qsize=1
11.180631.773 queue_size: qsize=1
11.180631.773 [0] action=1 pending=0 host=0x0
11.180631.773 qsize=1 blocked=0
11.180631.773 pause=-1497184591773
11.180631.773 dequeue job https://encrypted.google.com
11.180631.773 resolving 192.168.16.253:3128...
11.180631.773 has 192.168.16.253:3128
11.180631.773 Add dns cache entry 192.168.16.253:3128
11.180631.773 trying 192.168.16.253:3128...
11.180631.774 GnuTLS init
11.180631.817 Certificates loaded: 176
11.180631.817 GnuTLS init done
11.180631.817 TLS False Start requested
11.180631.874 gnutls_handshake: (-15) An unexpected TLS packet was received.
11.180631.874 TLS False Start: off
----
Unsupported authentication -1.
----
Key Exchange: (null)
Protocol: TLS1.2
Certificate Type: X.509
Compression: NULL
Cipher: NULL
MAC: MAC-NULL
----
11.180631.874 closing connection
11.180631.874 Failed to connect (-5)
11.180631.874 host_final_failure: qsize=0
11.180631.874 host_increase_failure: encrypted.google.com failures=1
11.180631.874 [0] action=3 pending=1 host=0x60500000ef60
11.180631.874 released job https://encrypted.google.com
11.180631.874 [0] action=1 pending=0 host=0x0
11.180631.874 qsize=1 blocked=1
11.180631.874 main: wake up
11.180631.874 main: done
11.180631.875 Successfully updated '/home/rootkea/.wget-session'.
11.180631.875 Saved 1 TLS session entry into '/home/rootkea/.wget-session'
11.180631.875 Successfully updated '/home/rootkea/.wget-ocsp_hosts'.
11.180631.875 Saved OCSP hosts to '/home/rootkea/.wget-ocsp_hosts'
11.180631.875 Successfully updated '/home/rootkea/.wget-ocsp'.
11.180631.876 Saved OCSP fingerprints to '/home/rootkea/.wget-ocsp'
11.180631.876 blacklist https://encrypted.google.com
$
It looks like TLS Handshake
failed. At first it appears to be a proxy issue but I can download the same webpage using wget
. Haven't looked into code yet. Just wanted to report it first.
$ wget https://encrypted.google.com -O wget_https
--2017-06-11 18:06:51-- https://encrypted.google.com/
Connecting to 192.168.16.253:3128... connected.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘wget_https’
wget_https [ <=> ] 9.55K --.-KB/s in 0.003s
2017-06-11 18:06:52 (2.67 MB/s) - ‘wget_https’ saved [9777]
$
Edited by Avinash Sonawane