Question

Issues with MITM Proxy


My company has an MITM proxy setup, which is resulting in many cloud based service requests failing. Obviously it only applies to any requests via HTTPS, so I am wondering how other people have gotten around these issues? I have set the correct proxy settings within the 'Network Proxy' options and have even setup custom proxies for each of the cloud based services, but still no success.

For instance, attempting to use the HTTPCaller to access the HERE Geocoder results in the following error (the blacked out proxy is correct):

An example of another issue I am encountering is when I attempt to create a CartoDB connection, I am receiving the following error (the blacked out domains are correct):

I have tried everything other than asking my IT department to white list the cloud based services. IT have confirmed that they can see the requests reaching the proxy, but have claimed that the authentication needs to be set to NTLM, but this only results in similar errors. Even when I use the Geocoder transformer, I receive the following:

I can confirm that I can access these services via a browser on the same machine as FME Workbench, so the proxy appears to be allowing requests to these services, just not via FME Workbench.

I am just not getting anywhere at the moment, so any help will be appreciated.


2 replies

Badge +7

Hi @sully,

 

 

Thanks for your question. I talked to a couple of our developers and I think I have some explanation for you..

 

 

1) For the Geocoder, since it's a Python-backed transformer, we currently don't support NTLM proxy authentication. This is something we could look further into if we see more demand, but it's currently not a high priority. It would require some Python retooling.

 

 

2) It was curious that the HTTPCaller failed while your browser was successful. It's likely due to a problem with the Windows Certificate Store being properly honoured by FME. We've introduced a fix which will go in to the product around 2019.1.1. Stay tuned for a more accurate build number where you can find the changes.

 

 

3) The changes *may* fix the CARTO issue, or it may be unrelated. If you still have problems, let us know and we can investigate.

 

 

Best,

 

Nathan

Thanks for the reply Nathan.

So after a lot of back and forth with IT, it turns out they neglected to install the proxy certificate onto the PC with FME Desktop. They haven't completed the update as yet, but hopefully this will solve my issues.

I will let you know how it goes.

Reply