ECONNRESET google example

[7twin]

Similar to #90 I tried to get the example working, both from the readme and the examples page for the google modifying example, trusted the certificate both on windows and android, but the second I point my phone towards the proxy, it exits out with:

https server started for playatoms-pa.googleapis.com on 59988
HTTPS_CLIENT_ERROR on : Error: 11960:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert
certificate unknown:openssl\ssl\record\rec_layer_s3.c:1407:SSL alert number 46

events.js:167
      throw er; // Unhandled 'error' event
      ^

Error: read ECONNRESET
    at TCP.onread (net.js:659:25)
Emitted 'error' event at:
    at Socket.onerror (_stream_readable.js:696:12)
    at Socket.emit (events.js:182:13)
    at emitErrorNT (internal/streams/destroy.js:92:8)
    at emitErrorAndCloseNT (internal/streams/destroy.js:59:3)
    at process._tickCallback (internal/process/next_tick.js:174:19)

Windows 10 (I added the cert via certutil -addstore "My" .\ca.pem) Android 7

[okwolf]

Are you running Node.js 10.x by chance? I saw a very similar error, but was able to work around it by downgrading to Node.js 8.x.

Possibly related to https://github.com/nodejs/node/issues/20418.

[yar-sh]

I can confirm that switching from Node 10.9 to 8.5 got rid of the error in this example

[7twin]

@okwolf @HaselLoyance Can confirm downgrading to 8 LTS - fixes it, though now that it works all pages display broken https - do you experience the same?

[yar-sh]

@7twin I'm not exactly sure what do you mean by broken https. Do you mean invalid SSL certificate errors like this one?

If so, then you need to import the ssl certificate that http-mitm-proxy generates into your browser OR it can be installed on your system. It'll be located in your project folder .http-mitm-proxy/certs/ca.pem

[7twin]

@HaselLoyance Yeah - that but basically on android - I did install the .pem systemwide though

[yar-sh]

@7twin Sadly, installing certificates on android didn't work for me etiher. Even though I got the message that the certificate was successfully installed I still had insecure https connections

Though it's weird that you were able to install .pem certificate. Usually, android only allows .der. Maybe try converting it to .der and seeing if that'll change anything?

[7twin]

@HaselLoyance apparently I had to install it as "APP and VPN" certificate, just the encoding seems off with the default example now

[giltayar]

I found a workaround to this problem to make it work on Node v10:

    ctx.onResponse(function(ctx, callback) {
      ctx.proxyToServerRequest.socket.once('close', () => {
        clientToProxyRequest.socket.destroy()
      })
      return callback()

You need to add this code at the start of the proxy.onRequest handler.

You can find the reasoning (which I didn't totally understand) here: https://stackoverflow.com/questions/51792579/how-to-prevent-the-econnreset-when-tunnelling-https-request-and-the-remote-serve

It works fine for me and now I'm back in business!

[yar-sh]

@giltayar That is very interesting. Though I had the same error occur when I was using proxy.onConnect(req,socket,etc...). But even after I've added "close" and "end" event handlers to the socket it still was throwing the same error. The funny part is that the error was occuring randomly at different requests

[freewil]

I ran into a similar error with proxying https traffic and have been able to mitigate by enabling keepAlive. See #177

[giltayar]

Crazily enough, the latest version of Node 10 has this problem resolved! I don't need my hack anymore. I use Node v10.12.0.