Replies: 2 comments 1 reply
-
Px simply uses libcurl so anything is possible. That being said, when Px connects to an upstream NTLM/Kerberos proxy, it just connects using plain HTTP since folks usually setup http_proxy or equivalent. Further, the actual SSL conversation for HTTPS URLs is directly between the client and the target server - Px does an HTTP CONNECT to the NTLM/Kerberos proxy which will further do an HTTP CONNECT to the target server and let the client directly talk to the target server. All the SSL key exchange and encryption/decryption happens between client and server. Px and upstream proxy have no idea what is being discussed and simply forward packets back and forth. I'm not sure how TLS fits into all this but presume that also will be directly between the client and the target server. If you can test and find out, it will be best. Curious to know your results. |
Beta Was this translation helpful? Give feedback.
-
I explained it poorly so I have updated my original post. My understanding is when an explicit proxy (PX in this case) is configured at a client by default it will send a HTTP connect to PX proxy e.g. |
Beta Was this translation helpful? Give feedback.
-
Does PX proxy support clients connecting over TLS i.e. where a client may have setup
https_proxy=https://pxproxy:3128
for example as opposed tohttp_proxy
?Beta Was this translation helpful? Give feedback.
All reactions