Thanks for the help with this. We don't have a remap in this situation as we want all traffic to go to this single upstream, which is another intermediary proxy. So ATS sits in the middle, but should forward all requests to a single upstream proxy that is itself https.
In squid it's like this: cache_peer my-upstream.proxy.com parent 443 0 no-query tls But I don't want to use squid. Thanks again, Zack > On Nov 9, 2021, at 11:55 AM, Jeremy Payne <[email protected]> wrote: > > also.. please provide the remap entry in question. > you can sanitize the hostnames.. but keep the scheme references. > i do believe the parent selection must match the origin scheme defined > in the remap. > > '502 connection refused' sounds like the parent selection is not > matching and the request is going directly to origin. > unless things have changed, ATS to upstream certificate verify failure > usually results in a > '502 service unavailable' > > > > > On Thu, Nov 4, 2021 at 2:12 PM Zack Bartel <[email protected]> wrote: >> >> Hello everyone, >> I am trying to configure ATS 9.0.0 to upstream to another secure proxy over >> https. I can't get it to work and all connections 502 Connection Refused. Is >> it possible to use https for the parent proxy? >> >> >> url_regex=.+ scheme=https parent="my-upstream.proxy.com:443" >> round_robin=true ignore_self_detect=true >> >> >> Thank you, >> >> Zack Bartel
