Set proxy through windows command line including login parameters

Asked 18/11, 2014 at 11:11 Answered 22/8, 2019 at 16:28

I want to set a proxy throught the command line, first thing I found out is that you have to run command line with administrator rights - then the basic proxy set would be:

netsh winhttp set proxy SERVER:PORT

This works nice, but I also want to add a login. As you can see I've tried using netsh->winhttp, however manual does not say anything about the login part so I just tried:

netsh winhttp set proxy user:password@SERVER:PORT

This unfortunately does not work. Is it even possible to achieve something like this in netsh->winhttp?

If so, how? If not => what windows commands should I follow?
̶O̶r̶ ̶i̶s̶ ̶t̶h̶i̶s̶ ̶m̶o̶r̶e̶ ̶e̶a̶s̶i̶l̶y̶ ̶a̶c̶h̶i̶e̶v̶e̶a̶b̶l̶e̶ ̶t̶h̶r̶o̶u̶g̶h̶ ̶s̶o̶m̶e̶ ̶W̶i̶n̶d̶o̶w̶s̶A̶P̶I̶ ̶(̶e̶.̶g̶.̶ ̶u̶s̶i̶n̶g̶ ̶C̶/̶C̶+̶+̶)̶?̶

Thanks for help, please feel free to ask any questions if something is unclear.

USING: Windows 7, cmd.exe, netsh->winhttp

EDIT: This looks like the C++ way: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383144(v=vs.85).aspx , but a better way for C++ might be to go this way: http://msdn.microsoft.com/en-us/library/windows/desktop/aa385384(v=vs.85).aspx#general_option, - so the remaining question is how to achieve this in command line generally (or even better command-line->netsh->winhttp)?

Portingale answered 18/11, 2014 at 11:11 Comment(5)

It doesn't look like it is possible. activating Windows through an authenticating proxy provides some alternatives – Bimah 22/11, 2014 at 17:49

See also How to set SQUID Proxy authentication using netsh? – Bimah 22/11, 2014 at 17:49

hmmm seems weird that there is no command-line way to do proxy authentication at all... (not talking about netsh now...) – Portingale 22/11, 2014 at 20:7

Probably because the registry entries for ProxyUser and ProxyPassword are encrypted? – Bimah 22/11, 2014 at 20:19

@Bimah Probably , but that should be no problem when using system own's commands which should know how to de/encrypt ... – Portingale 24/11, 2014 at 14:51

If you are using Microsoft windows environment then you can set a variable named HTTP_PROXY, FTP_PROXY, or HTTPS_PROXY depending on the requirement.

I have used following settings for allowing my commands at windows command prompt to use the browser proxy to access internet.

set HTTP_PROXY=http://proxy_userid:proxy_password@proxy_ip:proxy_port

The parameters on right must be replaced with actual values.

Once the variable HTTP_PROXY is set, all our subsequent commands executed at windows command prompt will be able to access internet through the proxy along with the authentication provided.

Additionally if you want to use ftp and https as well to use the same proxy then you may like to the following environment variables as well.

set FTP_PROXY=%HTTP_PROXY%

set HTTPS_PROXY=%HTTP_PROXY%

Daegal answered 10/1, 2017 at 13:29 Comment(7)

Looks neat, is it documented somewhere? how is windows support (which versions) ? – Portingale 10/1, 2017 at 14:24

For me it worked well on my Windows 7. Our main target was to set the variable HTTP_PROXY before running a command that expects network to be connected (through http proxy) Syntax for setting environment variable differs from shell to shell and operating system to operating system. You can positively find out a different format of this on a Linux system as well. I feel basic logic should work with any operating system. I collected this information from somewhere in the internet that I exactly don't remember. Once I recollect I will update here. – Daegal 11/1, 2017 at 7:34

I was seeking for a proxy setting for windows cmd for long time, this one works, thanks. With this setting, command line tools can work behind the cooperator's proxy. – Photogene 9/1, 2018 at 2:4

Just to keep the things handy. If you have a lock, a key should be kept as well ;) Below are commands(use without curly brackets) to remove the proxy. {set http_proxy=} {set https_proxy=} – Howze 1/10, 2019 at 5:28

You saved my day. Works at Windows Server 2019, for tools like Nuget. (When it's run under local system acount.) – Chequerboard 29/4, 2021 at 19:38

In my environment, Windows Server 2019 DC, Azure VM, solution does not work, I tested using that command set HTTP_PROXY=http://proxy_userid:proxy_password@proxy_ip:proxy_port. My goal is to connect/onboard VM to Windows Defender for Endpoint console, my network (where win 2k19 is located is isolated, do not have access to internet 443/80 port blocked on NSG) – Burleson 13/5, 2021 at 7:29

How do I make it permanent such that I do not need to repeat all the time? – Shuddering 7/10, 2021 at 13:45

cmd

Tunnel all your internet traffic through a socks proxy:

netsh winhttp set proxy proxy-server="socks=localhost:9090" bypass-list="localhost"

View the current proxy settings:

netsh winhttp show proxy

Clear all proxy settings:

netsh winhttp reset proxy

Sewoll answered 22/8, 2019 at 16:28 Comment(0)

IE can set username and password proxies, so maybe setting it there and import does work

reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 1
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /t REG_SZ /d name:port
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyUser /t REG_SZ /d username
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyPass /t REG_SZ /d password
netsh winhttp import proxy source=ie

Cudlip answered 26/11, 2014 at 23:44 Comment(4)

Findings: the proxy gets by these registries only when ANY browser is ran, BUT netsh winhttp still shows direct access, also disabling the proxy requires registry change ProxyEnable to 0 and re-starting the browser afterwards. (btw: my tip is to send reg add commands with /f parameter so existing entries are rewritten without asking) – Portingale 27/11, 2014 at 16:2

Problem remaining: even though proxy is set, the proxy authentication is NOT set ... So it does not solve the problem with pre-authentication. – Portingale 27/11, 2014 at 16:5

Thanks very much for this solution. this works excellent as the netsh commands that i tried before, do not work. – Opine 8/3, 2016 at 22:9

It does not work for ma as well, I tested on latest Azure 2019 Windows Server Data center. – Burleson 13/5, 2021 at 7:27

The best way around this is (and many other situations) in my experience, is to use cntlm which is a local no-authentication proxy which points to a remote authentication proxy. You can then just set WinHTTP to point to your local CNTLM (usually localhost:3128), and you can set CNTLM itself to point to the remote authentication proxy. CNTLM has a "magic NTLM dialect detection" option which generates password hashes to be put into the CNTLM configuration files.

Shaveling answered 28/4, 2015 at 17:9 Comment(2)

Here is an issue and resolution with running latest cntlm as windows service: superuser.com/questions/1192694/cannot-start-cntlm – Fibroin 16/5, 2017 at 18:54

See also #9182137 – Fibroin 16/5, 2017 at 19:24

Recommended topics

Hot tags