The OTLP and OTAP gRPC exporters currently support proxying via HTTP CONNECT (PR #1679). However, many enterprise environments require the client-to-proxy connection itself to be encrypted, typically configured using an https:// proxy URL.
Supporting HTTPS proxies involves more than accepting a different scheme. It requires establishing a TLS session with the proxy before issuing the CONNECT host:port request. This, in turn, requires explicit configuration for TLS behavior, including trusted root CAs (system or custom), hostname verification and SNI, and optionally client certificates for mTLS.
The OTLP and OTAP gRPC exporters currently support proxying via HTTP CONNECT (PR #1679). However, many enterprise environments require the client-to-proxy connection itself to be encrypted, typically configured using an
https://proxy URL.Supporting HTTPS proxies involves more than accepting a different scheme. It requires establishing a TLS session with the proxy before issuing the CONNECT host:port request. This, in turn, requires explicit configuration for TLS behavior, including trusted root CAs (system or custom), hostname verification and SNI, and optionally client certificates for mTLS.