[Privoxy-users] Weird TLS problem with Apple watch

[Ian Silvester]

I see. 

In your original post though the packet isn't actually the one that failed - according to the IETF link the packet is an alert stating that the HTTPS decryption failed - I am going to assume that this has been originally sent by the Siri server since Privoxy does not decrypt HTTPS, assuming you do not have any additional software in the chain to decrypt HTTPS at the router?

If the above is all true, then the problem packet was an earlier one sent by the watch to the phone for retransmission to the server, or else one generated by the phone (again, it all depends on the Siri piggyback protocol).

Since you're only seeing the problem with Privoxy in the chain, my thinking is that one of the piggyback Siri URLs contains a pattern that Privoxy is blocking. The next step would therefore be to enable logging of blocked (and also perhaps not-blocked) requests (see the Privoxy documentation for details of how to do this), ensure nothing else is using Privoxy, then launch a Siri query from the phone.

You can then peruse the log file and see if any requests look like ones you needed, then apply an appropriate unblocker to let them through.

HTH,

Ian


On Mon, 2 Mar 2020, at 03:48, Rainer Sokoll wrote:
> > 
> > Am 29.02.2020 um 17:17 schrieb Ian Silvester <iansilvester at fastmail.fm>:
> > 
> > Okay, I didn't realise Apple Watches could connect directly to the internet at all - useful to know.
> 
> Yes. at the cost of WiFi eating battery power.
> 
> > As a troubleshooting step, is it possible to configure the watch to use a proxy? To see whether it has problems using Siri if it connects to the internet via privoxy without the phone being part of the chain?
> 
> Not that I know of.
> 
> 
> Rainer
> _______________________________________________
> Privoxy-users mailing list
> Privoxy-users at lists.privoxy.org
> https://lists.privoxy.org/mailman/listinfo/privoxy-users
>