Wow, the formatting in Githubs issue tracking is absolutely crap, I can't figure out how to get rid of it. Hope it makes sense anyway. If you can, look at the source
When doing a standard request against google, i get the following problem:
HTTPS:
=>(require '[org.httpkit.client :as http])
nil
=> @(http/get "https://google.com")
{:opts {:url "https://google.com", :method :get}, :error #SSLHandshakeException javax.net.ssl.SSLHandshakeException: General SSLEngine problem}
=> (.printStackTrace (:error *1))
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1362)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1177)
at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1149)
at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469)
at org.httpkit.client.HttpsRequest.doHandshake(HttpsRequest.java:112)
at org.httpkit.client.HttpClient.doRead(HttpClient.java:130)
at org.httpkit.client.HttpClient.run(HttpClient.java:367)
at java.lang.Thread.run(Thread.java:722)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1683)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:278)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1299)
at org.httpkit.client.HttpsRequest.doHandshake(HttpsRequest.java:89)
... 3 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:283)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:138)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1328)
... 10 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 16 more
HTTP request gives a denial response from the proxy, the same way a curl does which http_proxy unset:
=> @(http/get "http://google.com")
{:opts {:url "http://google.com", :method :get}, :body "\n<TITLE>Access Denied</TITLE>\n\n\n\n
\n\n\n\n\n\n\n\n\n\nAccess Denied (authentication_failed)\n \n \n\n |
\n\nYour credentials could not be authenticated: \"Credentials are missing.\". You will not be permitted access until your credentials can be verified.\n\n |
\n\nThis is typically caused by an incorrect username and/or password, but could also be caused by network problems.\n\n |
\n\n \nFor assistance, contact your network support team.
Your request was categorized by Blue Coat Web Filter as 'Search Engines/Portals'. If you wish to question or dispute this result, please click here.\n\n |
\n
\n\n\n", :headers {:set-cookie "BCSI-CS-46f392e86967d19b=2; Path=/", :proxy-authenticate "BASIC realm=\"ACCDOM01_iwa\"", :pragma "no-cache", :content-type "text/html; charset=utf-8", :content-length "1069", :connection "close", :cache-control "no-cache"}, :status 407}
For comparison, slurp works fine with both of them:
=> (slurp "https://google.com")
"<title>Google</title><script>(function(){\nwindow.google={kEI:\"3rD7Ueb8OcSXtQba-oCYAg\",getEI:function(a){for(var b;a....
=> (slurp "http://google.com")
"<title>Google</title><script>(function(){\nwindow.google={kEI:\"BLH7UcyuJ4n6sga-rYGwCw\",getEI:function(a){for(var b;a&&(!a.getAttribute||!(b=a.getAttribute(\"eid\")));)a=a.parentNode;return b||google.kEI},https:function(){return\"https:\"==window.location.protocol},kEXPI:\"17259,4000116,4002855,4003242,400388....
This is using https.proxyHost and http.proxyHost to configure the proxy. Is there any way to configure the proxy per request that I am missing?