Systematic approach to diagnosing and resolving SSL/proxy connectivity issues with restricted websites
This skill provides a structured workflow for diagnosing and resolving network connectivity issues when accessing government websites, corporate portals, or other restricted domains that commonly exhibit SSL certificate problems, proxy requirements, or access restrictions.
Apply this skill when:
Test basic connectivity before attempting complex solutions:
# Test DNS resolution
nslookup target-domain.gov
dig target-domain.gov
# Test basic TCP connectivity
timeout 5 bash -c 'cat < /dev/null > /dev/tcp/target-domain.gov/443' && echo "Port 443 open" || echo "Port 443 closed"
# Test with curl (verbose)
curl -v https://target-domain.gov 2>&1 | head -50
If SSL errors occur, diagnose the certificate issue:
# Check certificate details
openssl s_client -connect target-domain.gov:443 -servername target-domain.gov 2>/dev/null | openssl x509 -noout -dates -subject -issuer
# Test with different SSL versions
curl --tlsv1.2 -v https://target-domain.gov
curl --tlsv1.3 -v https://target-domain.gov
# Try disabling verification (testing only)
curl -k https://target-domain.gov
Test various proxy configurations:
# Try without proxy
curl --noproxy "*" https://target-domain.gov
# Try with system proxy
curl -x http://proxy.example.com:8080 https://target-domain.gov
# Try explicit no-proxy for .gov domains
export no_proxy=".gov,.mil,.edu"
curl https://target-domain.gov
# Test with different proxy protocols
curl -x http://proxy:8080 https://target-domain.gov
curl -x https://proxy:8080 https://target-domain.gov
curl -x socks5://proxy:1080 https://target-domain.gov
Test alternative access methods:
# Try HTTP instead of HTTPS
curl http://target-domain.gov
# Try alternative ports
curl https://target-domain.gov:8443
curl https://target-domain.gov:4443
# Try www subdomain variation
curl https://www.target-domain.gov
# Try alternative domain extensions
curl https://target-domain.state.il.us
Some sites block automated access:
# Use browser user-agent
curl -A "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" https://target-domain.gov
# Add common headers
curl -H "Accept: text/html" -H "Accept-Language: en-US" https://target-domain.gov
# Include referer header
curl -e "https://www.google.com/" https://target-domain.gov
If curl fails, try Python with different configurations:
import requests
from requests.adapters import HTTPAdapter
# Disable SSL verification (testing only)
session = requests.Session()
session.verify = False
session.mount('https://', HTTPAdapter())