We effectively do that... we have our child remaps like: map https://alias.example.com https://alias.example.com
with a parent.config line of dest_domain=alias.example.com scheme=http parent="parent1.example.com:80,..." round_robin=consistent_hash go_direct=false dest_domain=alias.example.com scheme=https parent="parent1.example.com:443,..." round_robin=consistent_hash go_direct=false then the parent remap as map https://alias.example.com https://origin.example.com and of course ssl_multicert listing the alias.example.com cert for both. To troubleshoot, I'd hop onto the child machine, and run cURLs to your parent -- curl -IXGET --resolve alias.example.com:443:12.3.4 https://alias.example.com ... to make sure that's working (then the same swapping out the parent IP for the child). Then watch logs on the parent to make sure the child requests are making it there. miles On Fri, Dec 14, 2018 at 1:02 AM <[email protected]> wrote: > > Hello, > > > > I have this design i’m trying to implement with Apache Traffic Server. > > > > Two separate parent forwarding proxies in different network segments for > accessing internet and internal services. > > One child forwarding proxy, which receives all the requests and forwards > those to the corresponding parent proxy based on URL or some other parameter. > > > > Feels straightforward, and worked with the 5.x version coming from EPEL, but > i cannot get it working with the 8.0.1. > > HTTP requests work fine when curling from a random server using the child > proxy, but any HTTP>HTTPS redirect or HTTPS page doesn’t. > > > > If i enable remapping on child and parents, i get „HTTP/1.1 403 Tunnel > Forbidden traffic server“ > > If i disable it, i get „Received HTTP code 502 from proxy after CONNECT“ > > > > Am i missing something crucial in the ATS logic? Is such a use case possible > with ATS? > > > > Best regards, > > Dmitri > >
