cpprestsdk icon indicating copy to clipboard operation
cpprestsdk copied to clipboard

Published 20 hours ago verified publisher icon microsoft

CRL check is not performed via the configured proxy

Open doronshemtov opened this issue 3 years ago • 0 comments

Description

When an http_client is configured with proxy, the CRL check is not being sent to the proxy configure via client_config.set_proxy.

Client example:

http_client_config client_config;
web::web_proxy proxy(proxy_url);
client_config.set_proxy(proxy);
client_config.set_validate_certificate(true);
m_client = http_client(web::uri(m_base_url), client_config);

How to reproduce (tested on Windows 10):

  1. Set a local proxy
pip install proxy.py
python -m proxy --hostname 127.0.0.1

The default port is 8899

  1. Clear the CRL cache certutil -urlcache * delete

  2. Execute a client based on the example above. Use this proxy url: http://127.0.0.1:8899

  3. In this screenshot, it is visible (using sysinternal's procmon) that the CRL wasn't downloaded using the proxy. All the requests are performed by the same application. The requests to 192.124.249.22:80 are the CRL check requests. The rest of the requests are sent to the configure proxy.

image

doronshemtov avatar Nov 07 '22 08:11 doronshemtov