This section describes some common problems and their solutions.

Connectivity problems

We recommend the cURL tool to discover if a proxy causes connectivity problems.

Here is a log of a connection to PPRO's boarding API without a proxy, over the ‘naked’ internet:

--cacert in the curl example below points to the CA as a file.

--cacert in the curl example below points to the concatenated customer private key and PPRO-issued certificate in a single.

Use this command to connect to a normal Internet connection:

curl --cacert --cert cert.pem -v


1 Trying

2 Connected to ( port 443 (#0)

If there is a proxy between a development environment and PPRO, then there is a change in cURL's output (or similar). For exampleonboarding:

1 Uses proxy env variable HTTPS_PROXY == 'eu-webproxymain.servers.internet.prv:8080'

2 Trying


4 Connected to eu-webproxymain.servers.internet.prv ( port 8080 (#0)

In the code example above, you can see that the IP address on line 2 has been overwritten by the proxy of the customer in line 1. Line 4 is also overwritten as the proxy has taken over. This can have some side effects:

  1. PPRO always rejects the client SSL certificate with an HTTP400 error, because the proxy has its own SSL certificate.
  2. The certificate authority is never trusted unless overridden (with -k when using curl), because the proxy is also putting itself in the flow.
  3. Other behaviours of the proxy may disrupt authentication or connectivity.

You must bypass this intrusive proxy through a direct connection to the Internet; there is no immediate workaround for cases where a proxy disrupts secure communications to PPRO.