[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Cannot connect via a proxy

Support
#1

I need to browse with a FF or Chromium inside a Whonix client, but whenever I connect via Socks5 proxy, certain websites just won’t load. The error code it shows:

Software is Preventing Firefox From Safely Connecting to This Site

duckduckgo.com is most likely a safe site, but a secure connection could not be established. This issue is caused by **None**, which is either software on your computer or your network.

Error code: MOZILLA_PKIX_ERROR_MITM_DETECTED

Similar thing happens with Chromium. I’ve tried playing with options

Proxy DNS when using SOCKS v5
Enable DNS over HTTPS

with no change. The proxies I tried came from multiple proxy websites. Ialways checkif they’re live. Some websitwesdo work, some don’t no matter the proxy I use (I suspect it’s a matter of http/https website). Note that I also change the time on Whonix client to target destination timezone (EU - US). I enter the proxy details into “Socks proxy” form in FF network settings and leave the other three forms empty.

Any idea what might be causing this?

#2

Shouldn’t use Firefox or Chromium in Whonix. Reasons, see:

Shouldn’t currently use Debian Chromium package. Reason, see:

General notes:

^ Above page also contains instructions how to use Tor Browser or Whonix generally with a proxy (User → Tor → Proxy → Internet).

Tor Browser proxy settings also here:

https://www.whonix.org/wiki/Tor_Browser/Advanced_Users#Proxy_Settings

Shouldn’t change time zone. Reasons:

https://www.whonix.org/wiki/Post_Install_Advice#Network_Time_Syncing

I can confirm what Whonix to my knowledge doesn’t contain any code to restrict proxy use (anywhere, in Firefox or Chromium). Certainly not intentionally.

Would probably be same issue on Debian without Whonix involved. Therefore suggested to resolve as per https://www.whonix.org/wiki/Free_Support_Principle.

#3

You can connect if you disable HTTPS cert checks in the browsers config, but I wouldn’t do that unless you absolutely don’t care if about the data you send:

1 Like
#4

Yeah, that’s what I wanna avoid for security reasons. But if it’s the only way… I still think it’s me who got something wrong in the setup process.

#5

Sometimes I can connect to http sites only and the message changes to
Unable to find the proxy server
or
PR_END_OF_FILE_ERROR

#6

If the proxy screws up TLS in such obvious ways, it’s hard to get a better, more easily visible reason to not use the proxy.

1 Like
#7

Do you have a tip for a source of better free proxies?

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]