If you are proxying through ATS instead of terminating the TLS on the ATS box, you will need to update the set of allowed connect_ports
proxy.config.http.connect_ports https://docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html?highlight=connect_ports#proxy.config.http.connect_ports On Thu, Feb 21, 2019 at 1:23 PM Eric Chaves <[email protected]> wrote: > Hi folks, > > I've successfully configured an ATS instance working as forward proxy for > my services. My client applications are successfully using the proxy to > reach sites running on standard HTTP ports (80 and 443) but when I try to > reach a site in non standard site (ie https://some-domain:8443/index.html) > I receive an error " Received HTTP code 403 from proxy after CONNECT". The > HTTP response headers are: > > HTTP/1.1 403 Tunnel Forbidden > Date: Thu, 21 Feb 2019 19:20:27 GMT > Proxy-Connection: keep-alive > Server: ATS/8.0.2 > Cache-Control: no-store > Content-Type: text/html > Content-Language: en > Content-Length: 207 > > If I ssh into the proxy host and perform a simple curl to the site > destination (ie curl https://some-domain:8443/index.html) I successfully > reach it, so I assume I'm missing something in ATS configuration. > > Any idea what I could be doing wrong? > > Best regards, > > Eric >
