Closed alexxbb closed 3 years ago
Could it be that your proxy does not actually support TLS/HTTPS? Does it work if you unset HTTPS_PROXY
and set HTTP_PROXY
instead?
If not, does your proxy host have a valid HTTPS setup with a non-self-signed certificate?
(HTTP Proxies in general should work, see #68. This must be an issue with your proxy server configuration.)
Could it be that your proxy does not actually support TLS/HTTPS? Does it work if you unset
HTTPS_PROXY
and setHTTP_PROXY
instead?If not, does your proxy host have a valid HTTPS setup with a non-self-signed certificate?
setenv HTTP_PROXY http://proxy.$HOST.com:8080
Doesn't work either. It could be that our proxy is old and/or very strict. Our environment is very isolated, but the infra team said it should just work, because .. curl
and wget
work...
It could also be that the proxy uses old (insecure) versions of SSL, which are not supported anymore by the reqwests library and its TLS stack.
In case you have the openssl
binary installed, what does openssl s_client -connect your-proxy:8080
return? For example:
$ openssl s_client -connect github.com:443 2>/dev/null | grep Cipher
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Note: There was an attempt at making network support optional (https://github.com/dbrgn/tealdeer/pull/72), but it was dropped as nobody seemed to care about it (and it would have added quite some additional maintenance cost).
>> openssl s_client -connect github.com:443
socket: Bad file descriptor connect:errno=9
I'm going to close this, because our super isolated environment is probably to secure and(or) outdated that it's not worth spending time on it. I can still download the .tar file manually with wget
.
Thank you!