Written by Jamie Tanna
on August 6, 2019
CC-BY-NC-SA-4.0 Apache-2.0
1 mins

Using OpenSSL Behind a (Corporate) Proxy

When at work, I'm behind a corporate proxy, which requires all my traffic to the outside world needing to pass through the proxy for various security reasons.

However, if I'm trying to i.e. use OpenSSL to get the public certificate for a website using the steps in my article Extracting SSL/TLS Certificate Chains Using OpenSSL, I've found that the requests I send sending are just timing out.

I found that this is because OpenSSL doesn't go via the proxy unless you explicitly tell it with an explicit -proxy:

openssl s_client -showcerts -connect "jvt.me:443" -proxy proxy.example.com:8888 ...

EDIT: Thanks to this comment from Charles MERLEN, there doesn't need to be a scheme on the proxy connection above (i.e. http://).

With that set, my connections then start to go through OK again.

Written by Jamie Tanna on Tue, 06 Aug 2019 12:51:11+01:00, and last updated on Thu, 09 Dec 2021 09:32:34+00:00.

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.

#blogumentation #openssl #proxy.

This post was filed under articles.

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.

← → Top