HTTPS URL Scanning Problem with [java.net.ConnectException]: Connection refused: connect
477 views
Skip to first unread message
Muhammad Farooq
May 24, 2016, 1:56:18 PM5/24/16
to OWASP ZAP User Group
I can't seem to get ZAP working for HTTPS sites with all the mentioned solutions that I could browse.
I am using ZAP 2.3.4 on Windows 10 and JRE 1.8.0_91 ... I have installed JCE policies under C:\Program Files (x86)\Java\jre1.8.0_91\lib\security to no avail... here is the complete trace on the page that i get:
ZAP Error [java.net.ConnectException]: Connection refused: connect Stack Trace: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.connect0(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source) at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source) at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source) at java.net.AbstractPlainSocketImpl.connect(Unknown Source) at java.net.PlainSocketImpl.connect(Unknown Source) at java.net.SocksSocketImpl.connect(Unknown Source) at java.net.Socket.connect(Unknown Source) at java.net.Socket.connect(Unknown Source) at java.net.Socket.<init>(Unknown Source) at java.net.Socket.<init>(Unknown Source) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(Unknown Source) at org.parosproxy.paros.core.proxy.ProxyThread.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
kingthorin+owaspzap
May 24, 2016, 2:17:24 PM5/24/16
to OWASP ZAP User Group
Is the destination local?
Do non-SSL sites work?
Do non-SSL sites work?
thc...@gmail.com
May 24, 2016, 2:19:08 PM5/24/16
to zaprox...@googlegroups.com
Also, are you using an outgoing proxy? [1]
[1]
https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsOptionsConnection#use-proxy-chain
Best regards.
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-user...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
[1]
https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsOptionsConnection#use-proxy-chain
Best regards.
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-user...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
Muhammad Farooq
May 24, 2016, 2:31:33 PM5/24/16
to OWASP ZAP User Group
The destination is not local, it works with HTTP. No outgoing proxy.
Thanks,
Farooq
> <mailto:zaproxy-users+unsub...@googlegroups.com>.
thc...@gmail.com
May 24, 2016, 2:43:51 PM5/24/16
to zaprox...@googlegroups.com
You are able to access the target when not proxying through ZAP, right?
Are you using some kind of firewall?
Best regards.
> > <mailto:zaproxy-user...@googlegroups.com>.
Are you using some kind of firewall?
Best regards.
> > For more options, visit https://groups.google.com/d/optout
> <https://groups.google.com/d/optout>.
>
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-user...@googlegroups.com>.
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
Muhammad Farooq
May 24, 2016, 2:48:36 PM5/24/16
to OWASP ZAP User Group
Yes without ZAP I can access it without any problem. I do have local firewalls... Let me disable the firewall and check, will get back.
Thanks
Farooq
> > <mailto:zaproxy-users+unsub...@googlegroups.com>.
> > For more options, visit https://groups.google.com/d/optout
> <https://groups.google.com/d/optout>.
>
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-users+unsub...@googlegroups.com>.
Muhammad Farooq
May 24, 2016, 3:05:28 PM5/24/16
to OWASP ZAP User Group
Oooops... Just checked I was unable to browse any website (HTTPS or HTTP) Had made some changes recently under the chained proxy settings and that broke ZAP.
Its working now.
Thanks all for quick responses and help, really appreciate.
Best,
Farooq
kingthorin+owaspzap
May 24, 2016, 3:54:30 PM5/24/16
to OWASP ZAP User Group
Thanks for letting us know.
Reply all
Reply to author
Forward
0 new messages