trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Carroll <solidwallofc...@oath.com>
Subject Re: Questions on forwarding proxy in hierarchical mode
Date Mon, 17 Dec 2018 20:47:07 GMT
Sorry, was out at a conference last week.

If you're getting "Tunnel Forbidden" it means a `CONNECT` request is going
through ATS and getting blocked because `proxy.config.http.connect_ports`
[1] doesn't allow the remote port. This may have changed between 5 and 8.
I suspect that the HTTPS change is related, because that may be causing the
`CONNECT` request. I suspect the 502 is due to confusion about whether the
connection is HTTP or HTTPs, where an HTTP request is treated as an TLS
Client Hello or vice versa. The first step I would take is finding where
the `CONNECT` is happening.

[1]
https://docs.trafficserver.apache.org/en/8.0.x/admin-guide/files/records.config.en.html#proxy-config-http-connect-port

Mime
View raw message