When you run tests against a HTTPS site, the browser shows "Bad Gateway", or a security warning, or just won't load the page you wanted. This only happens for HTTPS sites or single page apps served over HTTPS.
Many browsers, in their default state, reject traffic from sites with self-signed or invalid SSL certificates. These kinds of certificates are quite common in test environments, but they're problematic for Selenium as they often cause a security warning which can't be dismissed by Selenium, blocking tests.
To circumvent this, Sauce Connect re-signs all HTTPS traffic with a certificate Sauce Labs has installed on every browser on its VMs. In most cases, this allows customers to continue to test without generating warnings.
However, some HTTPS protected servers and sites reject the certificate Sauce Labs uses to sign traffic. This prevents Sauce Labs browsers from navigating to the site.
Both of the solutions to this problem rely on changing the command line options you pass to Sauce Connect when you start it running. If you don't have the ability to change how Sauce Connect is run, you'll need to reach out to the team or department in your organisation who can make changes and ask them for assistance.
If the site is publicly accessible
The best way to avoid Sauce Connect re-signing traffic for publicly accessible sites, is to avoid Sauce Connect entirely. You can pass a comma-separated list of domains to the '--direct-domains' flag, and any request for one of those domains will go straight through the internet, avoiding Sauce Connect. This also has the bonus of slightly speeding up your tests!
For example, to avoid Sauce Connect for the domain dancepants.com, any subdomain of kittenswithmittens.com, and www.theinternet.com, you'd add the following to the rest of your Sauce Connect startup command:
If the site is not publicly accessible
You can pass a comma-separated list of domains to the '--no-ssl-bump-domains' flag, and any request for one of those domains will be passed directly through Sauce Connect without being re-signed.
For example, to avoid Sauce Connect re-signing the domain dancepants.com, any subdomain of kittenswithmittens.com, and www.theinternet.com, you'd add the following to the rest of your Sauce Connect startup command: