[squid-users] PHP: failed to open stream: Cannot connect to HTTPS server through proxy
Amos Jeffries
squid3 at treenet.co.nz
Sun Mar 11 06:50:37 UTC 2018
On 11/03/18 02:32, chiasa.men wrote:
> I tried to install a joomla-Plugin from behind squid. It didn't work. I could
> reproduce the error using the following php-script:
>
>
>> <?php
>> $url="https://downloads.joomla.org/extensions/install-from-web/1-1-1/
> plg_webinstaller_3.7v1.1.1.zip";
>> $ctx = stream_context_create(['http' => ['proxy' => "tcp://$proxy:$port"],
>> 'ssl' => ['capture_session_meta' => TRUE]]);
>> $html = file_get_contents($url , FALSE, $ctx);
>> $meta = stream_context_get_options($ctx)['ssl']['session_meta'];
>> var_dump($meta);
>> ?>
>
>
> Results in:
>
>> PHP Warning: file_get_contents(): Peer certificate CN=`*.s3-us-
> west-2.amazonaws.com' did not match expected CN=`downloads.joomla.org' in /
> tmp/test.php on line 5
Please read that error message.
downloads.joomla.org is not a part of *.s3-us-west-2.amazonaws.com
This "CN=" is a TLS certificate error and has nothing to do with the proxy.
Why the proxy is being asked to connect to s3-us-west-2.amazonaws.com is
not clear, but the proxy is only doing exactly what is asked of it. Any
issues like this which occur with the data inside the CONNECT tunnel are
purely a problem between client and server.
Amos
More information about the squid-users
mailing list