autoProxy=true not creating https / no_proxy variables (as reported in #11551 )

[z3non]

Windows Version

Microsoft Windows [Version 10.0.22631.4602]

WSL Version

2.3.26.0

Are you using WSL 1 or WSL 2?

• WSL 2
• WSL 1

Kernel Version

5.15.167.4-1

Distro Version

No response

Other Software

Repro Steps

1. Configure .wslconf with

[wsl2]
autoProxy=true

2. run wsl

3. check environment variables

Expected Behavior

WSL to configure http and https proxy variables as stated here: WSL Troubleshoot

When enabled, the following apply to proxy settings on your Linux distributions:
The Linux environment variable, HTTP_PROXY, is set to the one or more HTTP proxies found installed in the Windows HTTP proxy configuration.
The Linux environment variable, HTTPS_PROXY, is set to the one or more HTTPS proxies found installed in the Windows HTTP proxy configuration.
The Linux environment variable, NO_PROXY, is set to bypass any HTTP/S proxies found in the Windows configuration targets.
Every environment variable, except WSL_PAC_URL, is set to both lower case and upper case. For example: HTTP_PROXY and http_proxy.

Actual Behavior

Only http_proxy, HTTP_PROXY and WSL_PAC_URL are being created on wsl.

env | grep -i http
http_proxy=http://example.com:3128
HTTP_PROXY=http://example.com:3128
WSL_PAC_URL=http://example.com/wpad.dat

Diagnostic Logs

will be sent by email

[github-actions]

Logs are required for review from WSL team

If this a feature request, please reply with '/feature'. If this is a question, reply with '/question'.
Otherwise please attach logs by following the instructions below, your issue will not be reviewed unless they are added. These logs will help us understand what is going on in your machine.

How to collect WSL logs

Download and execute collect-wsl-logs.ps1 in an administrative powershell prompt:

Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/WSL/master/diagnostics/collect-wsl-logs.ps1" -OutFile collect-wsl-logs.ps1
Set-ExecutionPolicy Bypass -Scope Process -Force
.\collect-wsl-logs.ps1

The script will output the path of the log file once done.

If this is a networking issue, please use collect-networking-logs.ps1, following the instructions here

Once completed please upload the output files to this Github issue.

Click here for more info on logging
If you choose to email these logs instead of attaching to the bug, please send them to [email protected] with the number of the github issue in the subject, and in the message a link to your comment in the github issue and reply with '/emailed-logs'.

View similar issues

Please view the issues below to see if they solve your problem, and if the issue describes your problem please consider closing this one and thumbs upping the other issue to help us prioritize it!

Open similar issues:

• windows11 wsl2，The WSL_PAC_URL configuration does not take effect (#11998), similarity score: 0.71

Closed similar issues:

• autoProxy=true doesn't work for multiple users via su or ssh (#10820), similarity score: 0.75
• autoProxy seems to be true by default, which conflicts with the documentation (#11055), similarity score: 0.75
• autoProxy=true doesn't works well on WSL2 preview 2.0.3.0 (#10583), similarity score: 0.74
• autoProxy doesn't work with proxy requiring Kerberos / NTLM authentication (#10804), similarity score: 0.71

Note: You can give me feedback by thumbs upping or thumbs downing this comment.

[z3non]

/emailed-logs

[github-actions]

Diagnostic information

Found '/emailed-logs', adding tag 'emailed-logs'

[z3non]

previously reported here: #11551

[keith-horton]

Hi there. WinHTTP is not reporting that there's an HTTPS proxy:

63 30348.15140 2025-01-15T16:36:38.257 [Microsoft.Windows.Lxss.Manager] s_GetProxySettingsExCallback-Results: pcwszProxy=http://outproxy2.pnet.ch:3128 pcwszSecureProxy= pcwszAutoconfigUrl=http://wpad.pnet.ch/wpad.dat cProxyBypasses=0
64 30348.07960 2025-01-15T16:36:38.257 [Microsoft.Windows.Lxss.Manager] OnProxyRequestComplete: newProxySettings=Proxy: http://outproxy2.pnet.ch:3128, SecureProxy: , PacUrl: http://wpad.pnet.ch/wpad.dat, ProxyBypasses:

How was the HTTPS proxy set?

good point about WSL_PAC_URL also not being set in lower-case. I forget the Linux rules and appcompat on this variable - we'll take a look.

[keith-horton]

Following up on WSL_PAC_URL:

that's a new environment variable we created with WSL2 - so we did not have compat reasons to create it both lower-case and upper-case. That will always be created as this one string.

[Moritz-Jaekel]

Hello,
we are running into the same issue. In our company network we use a wpad.dat file to set the Proxy for outgoing internet traffic. AutoProxy only fills http_proxy and HTTP_PROXY.
A Fix or workaround to set the https_proxy globally would be greatly appreciated

Thanks.

[keith-horton]

@z3non , can you please capture a full network trace where we can see what WinHTTP is seeing in the pac file?

https://github.com/microsoft/WSL/blob/master/diagnostics/collect-networking-logs.ps1

Thanks!

[z3non]

/emailed-logs

[github-actions]

Diagnostic information

Found '/emailed-logs', adding tag 'emailed-logs'

[z3non]

Hi @keith-horton , I sent the networking logs via email. Regarding your question about how the HTTPS proxy was set I am still waiting for feedback from our system management team. I checked our pac file in the meantime. There we use the "PROXY" keyword, so no distinction between HTTPS/HTTP in the findProxyForUrl() function:

proxy[0] = "PROXY outproxy1.example.com:3128"; proxy[1] = "PROXY outproxy2.example.com:3128"; proxy[2] = "PROXY outproxy3.example.com:3128"; proxy[3] = "PROXY outproxy4.example.com:3128";

[keith-horton]

Thanks! I followed up with our HTTP experts who implement WinHTTP proxy support. They stated that in the PAC file the https proxy should be given with “HTTPS” keyword. Something like proxy[0] = "HTTPS outproxy1.example.com:443".

Can you verify that works if the PAC file is updated to specify HTTPS?

[z3non]

The wikipedia description of the PAC format reads as follows:

By default, the PROXY keyword means that a proxy corresponding to the protocol of the original request, be it http, https, or ftp, is used.

I couldn't find anything more authoritative than this definition on wikipedia. Assuming this reflects the industry agreed semantics of this format the entries using the "PROXY" keyword should be sufficient to indicate also the HTTPS proxy. Do your http experts have a different opinion on this or a more up2date definition of the PAC format?

[keith-horton]

@z3non , thanks for more context. I'll share this with them and get back to you.

[keith-horton]

@z3non , I followed up. We have some work on our side to better document our support (we need to update https://learn.microsoft.com/en-us/windows/win32/winhttp/winhttp-autoproxy-support ).

The feedback was that the single PROXY keyword doesn't designate what protocol is intended (PAC files originally supported only HTTP protocol - so PROXY was inferred to that - as secure proxies are a more recent addition).

I would recommend specifying the protocol in your PAC file.

Thanks!

[JonathanDLee24]

similar #11998

[JonathanDLee24]

I created a script that you can run once logged in I could not get the environment variables to load when running this from root so you have to run it sudo -E ./autoproy.sh

#!/bin/bash
#check_status=$( env | grep "proxy" )
check_status=$HTTP_PROXY

echo $check_status
http="http"
if [[ $check_status == *"$http"* ]];
then
	echo "proy on"
	cp proxyon /etc/environment
else
	echo "proxy off"
	cp proxyoff /etc/environment
fi

You must have a wpad (autoproxy server on network ) running and your Windows 11 getting your settings correctly also your WSL must show the proxy info when you run
echo $HTTP_PROXY"

after that you can simply adapt the /etc/environment have a copy of the old one with no proxy for when your on a network without a proxy and $HTTP_PROXY shows nothing and another for your proxy you use

Example:

proxy on

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin"

export http_proxy=http://192.168.1.1:3128

export https_proxy=http://192.168.1.1:3128

and one without

proxy off

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin"

#export http_proxy=http://192.168.1.1:3128

#export https_proxy=http://192.168.1.1:3128

I also attempted to just add the $HTTP_PROXY variable into /etc/environment again it will not use it with export it wants a string.

Just an idea and more info on the actutal problem,

/etc/environment is not adding any autoproxy info everything else does in WSL.

My basic script just replaces the /etc/enviroment with a proxy copy as needed.

again it must be run with the -E to keep the user enironment's auto proxy settings for the if else conditional checks

so to run the script I created the file edited it with chmod and crown and run it like this when I need it.

sudo -E ./autoproxy.sh

crude but a temp fix. I wanted to use an @reboot crontab with it again that requires the user environment and sudo to do the copy over.

Any other ideas for a longterm automatic fix?

[JonathanDLee24]

What I would like to do is just use the output from echo $HTTP_PROXY that is auto populated with WSL and just place it into /etc/environment

like this

better /etc/environment

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin"

export http_proxy=$HTTP_PROXY

export https_proxy=$HTTP_PROXY

but it wont recognize the system variable that is already generated with auto proxy enabled and populated by way of wpad on the host Windows 11 machine for some reason.