Re^2: Inconsistent errors when trying to establish SSL-connection

It is perfectly normal to proxy HTTPS with a a HTTP proxy. Proxying HTTPS is done by making a CONNECT request to establish a tunnel and the speak the normal TLS inside the tunnel. Thus you have still all the protections offered by TLS. See RFC 2817 section 5 for more details.

Comment on Re^2: Inconsistent errors when trying to establish SSL-connection

Replies are listed 'Best First'.
Re^3: Inconsistent errors when trying to establish SSL-connection by hippo (Archbishop) on Oct 01, 2016 at 09:39 UTC
Thanks for the pointer to RFC 2817, which explains a lot. It does still leave me wondering quite what the purpose is of using a proxy in such a situation. It can't be caching because the proxy cannot read the content and it can't be monitoring for the same reason. Any thoughts?	[reply]
Re^4: Inconsistent errors when trying to establish SSL-connection by noxxi (Pilgrim) on Oct 01, 2016 at 14:26 UTC
A proxy is not necessarily a caching proxy. Often proxies are employed at firewalls or similar to enforce policies which sites can be visited and to filter traffic. In these cases use of a proxy is mandatory, i.e. there is no direct way to the internet.	[reply]