Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
SSL-Connection via Proxy with Authentcation fails
See original GitHub issueThe following simple request via a Proxy that requires Authentication fails:
final Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("localhost", 8001));
final Response response = new OkHttpClient.Builder()
.proxy(proxy)
.proxyAuthenticator(new Authenticator() {
@Override
public Request authenticate(Route route, Response response) throws IOException {
String credential = Credentials.basic("proxyuser", "proxypass");
return response.request().newBuilder()
.header("Proxy-Authorization", credential)
.build();
}
})
.build()
.newCall(new Request.Builder()
.get()
.url("https://www.google.com/")
.build())
.execute();
with the following error:
Caused by: java.net.ProtocolException: Unexpected status line: <html>
at okhttp3.internal.http.StatusLine.parse(StatusLine.java:69)
at okhttp3.internal.http.Http1xStream.readResponse(Http1xStream.java:186)
at okhttp3.internal.connection.RealConnection.createTunnel(RealConnection.java:296)
at okhttp3.internal.connection.RealConnection.buildTunneledConnection(RealConnection.java:155)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:111)
at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:193)
at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:129)
at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:98)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:109)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:124)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:170)
at okhttp3.RealCall.execute(RealCall.java:60)
The same request via a Proxy without Authentication works fine, as does a Non-SSL request via Proxy with Authentication.
The issue came up while debugging googlemaps/google-maps-services-java#190. Both, v2.7.5 and v3.4.1 show the same behaviour.
For testing, I’m using mitmproxy with the following parameters: mitmproxy -p 8001 --singleuser proxyuser:proxypass
Issue Analytics
- State:
- Created 7 years ago
- Reactions:3
- Comments:11 (4 by maintainers)
Top Results From Across the Web
How to resolve error during ssl handshake with remote server
Proxy Error The proxy server could not handle the request GET /web_app. Reason: Error during SSL Handshake with remote server.
Read more >ssl handshake error with authenticated http proxy #650 - GitHub
I'm seeing an issue when connecting to a server using https through a http proxy using basic authentication (username/password).
Read more >Failure to authenticate a tunneled SSL request | ProxySG ...
The error you are getting is due to the same reason as proxy is asked to authenticate an ssl request which is not...
Read more >How do I resolve "Certificate verification failed" and "SSL ...
An error containing the phrase "Certificate verification failed" appears in your Duo Authentication Proxy debug logs. Resolution.
Read more >"cannot authenticate SSL certificate for proxy" in Content ...
This issue occurs when the proxy certificate is not trusted by the vCenter Server, causing API calls to fail on HTTPS URLs.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Tend to disagree here: Both
Content-LengthandConnectionare optional response-headers, so the client needs to be able to work properly without their presence.Other HTTP-clients, even plain
java.net.HttpUrlConnectionmanage to connect via that proxy, but anyway - we’ll try to find a workaround solution…I recently encountered this problem, and described it on staskoverflov, but got no response https://stackoverflow.com/questions/50028879/okhttp-request-via-proxy-with-authentcation-fails I’m 100% sure that the problem is not in the HTTP server. The problem has not been solved. If you have any ideas…