Home/ Questions/Q 6144897
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T18:42:56+00:00

I’m experiencing a strange problem that I’m not able to figure out. The proxy

  • 0

I’m experiencing a strange problem that I’m not able to figure out. The proxy when used in my Java code to make non-SSL requests always gives error informing me that I cannot send SSL requests to the specified port (whereas I’m not even trying to send any SSL request), however the same proxy when configured in my Firefox browser works like a charm and I can browse all web sites normally. Note that using the same Java code, I can send requests to 443 port alone. But that’s because the proxy detects that the requests are SSL, and that’s why it only allows them to pass through 443 port.

I don’t have the option to use -Dhttp.proxyHost and -Dhttps.proxyHost options with me because they simply won’t work on the Socket objects, I would need a Socks proxy which I don’t have access to. So I opted to go with commons-httpclient-3.1.jar, and used ProxyClient object to obtain the socket.

This is the code I’m using to obtain a socket:

// Proxy Client
ProxyClient client = new ProxyClient();
client.getHostConfiguration().setHost("google.com", 80);
client.getHostConfiguration().setProxy("corporate-proxy", 80);
ConnectResponse response = client.connect();
Socket socket = response.getSocket();
if (socket == null) {
  System.err.println(response.getConnectMethod().getStatusLine());
}

and this is the exact error message that is printed by my System.err.println() statement:

HTTP/1.1 502 Proxy Error ( The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. )

Please don’t suggest me to use URLConnection because I don’t need the proxy for HTTP requests alone.

I have also tried to explicitly specify the protocol to be http without any luck:

client.getHostConfiguration().setHost("google.com", 80, Protocol.getProtocol("http"));

Any suggestions on how to configure this ProxyClient object, so that the proxy server doesn’t see requests to be coming as SSL requests?

Thanks.

UPDATE

I seem to have figured out the reason why the ISA server thought I’m using SSL. Actually the statement client.connect(); creates a socket that is connected, via the HTTP CONNECT method, to a proxy. The Java doc says that, even though HTTP CONNECT proxying is generally used for HTTPS tunneling, the returned socket will not have been wrapped in an SSL socket.

But for ISA, it would still think about this kind of HTTP request as an SSL request. And when it sees that this SSL request is not on 443, instead it is on some other port, it straight away rejects it.

So now the problem instead is that how do I make the client.connect() call to send an HTTP GET or HTTP HEAD instead of HTTP CONNECT..

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Sorry, but I think this is a limitation os ISA Server and not a problem of ProxyClient. See the article here to configure ISA Server to allow to connect to other port, beside 443. I think ISA Server don´t recognize you request because it isnt in a HTTP 1.x request.

    • 0