Skip to end of metadata
Go to start of metadata

This table lists changes for each version of Sauce Connect Proxy, as well as the release date for that version. 

Change Logs by Version

Version NumberChange DescriptionRelease Date


New Features

  • Public Certificates: (Virtual Cloud Only) There is a new Sauce Connect command-line argument that allows users to require that Sauce Labs internal tunneling infrastructure uses Certificates signed by a Certificate Authority (CA) rather than self-signed certificates. 
    • The new option is as follows: "--tunnel-cert public" (without the quotes). 
    • The Operating System on which SC runs needs to have its certificate store set up correctly. Here are some details per Operating System:
      • Linux:
        • OpenSSL stores CA certificates, which are accessed by the Sauce Connect Client
        • The default OpenSSL certificates directory can be found using: openssl version -d
        • Set the SSL_CERT_DIR environment variable to this folder or another containing certificates in PEM format
        • You can also set the SSL_CERT_FILE environment variable to a file of certificates in PEM format
        • The command line to update certificates is: update-ca-certificates
      • Windows:
      • OSX:
        • Certificates will be read from the MacOS Keychain Access automatically
        • Alternatively, if the Homebrew OpenSSL package is installed, the default cert.pem file can be used: `--tunnel-cainfo /usr/local/etc/openssl/cert.pem`

    • Public Certificate Support for Real Device Cloud and Headless Cloud are coming soon!
    • Note that Sauce Labs has never considered using self-signed certs on our internal tunneling infrastructure to be a security risk because our public signing key is pinned inside of Sauce Connect client. However, some customers' security scans flag the internal self-signed certs, and we are doing this to satisfy these customers and as a best practice.

Bug Fixes

  • The characters used in Tunnel identifiers must now be only ASCII, so that the Sauce Labs WebUI will work correctly
  • We removed the ANSII color codes from the Sauce Connect log, for readability reasons

Jun 25 2019


Bug Fixes

  • Fixed an issue where some page elements were not loaded when using Sauce Connect for an HTTP Auth page

  • Fixed an issue where the browser error “ERR_TUNNEL_CONNECTION_FAILED” was thrown when running Sauce Connect with a parent proxy that requires authentication (e.g. Wonderproxy) and disabling SSL bumping (-B)

  • Fixed an issue where a tunnel did not start if the direct domain list or SSL bumping list contains both a root domain and subdomains with the same root. (e.g. and

  • Fixed a regression in Sauce Connect 4.5.2 where using PAC file rules to redirect the Sauce Connect tunnel traffic did not work in some cases. However, customers need to use --proxy-tunnel argument if they want to redirect KGP connection through PAC file rules.

Jan 16 2019



  • Sauce Connect will print a user friendly error instead of a call stack when an invalid path is provided to --logfile argument.

  • Input validation of tunnel domains, direct domains and No-SSL-bump domains arguments. Domain arguments with the asterisk wildcard character in the middle for e.g. dev*.local will fail input validation. The optional asterisk wildcard character can only be at the beginning of the domain name.

  • Added input validation for --pac argument. Sauce Connect will print an error and terminate when a relative PAC file path is provided.

Bug fixes

  • Updated PAC file parser to fix intermittent parsing errors on startup. 

  • Fixed an issue where Sauce Connect exits with status code 0 when invalid arguments are provided, Sauce Connect will now exit with status code 1.

  • Fixed an issue where Sauce Connect takes a minute to shutdown when an invalid tunnel domain, direct domain or No-SSL-bump domain is passed.

  • Fixed an issue where Sauce Connect fails to check for updates when -x argument is used.

Nov 30 2018



Bug Fixes

  • Fixed a critical issue on Mac OS X where Sauce Connect throws a fatal error and terminates. This issue happens when WiFi is temporarily turned off or when the system wakes up from sleep or when internet connectivity is temporarily lost. The fatal error looks like below
    "fatal: morestack on g0"
  • Fixed an issue so that Sauce Connect terminates on startup if pid file location (--pidfile) is inaccessible.
  • Fixed file descriptor leak.

Aug 23 2018



Bug Fixes

  • Fixed a major bug in connection state logic that caused clients to exit prematurely.

New Features

  • Support for YAML config file through -c, --config-file arguments. Refer to Sauce Connect Command Line Reference for more information.
  • Support for proxy credentials in http_proxy and https_proxy environment variables on Mac and Linux platforms. Format should be scheme://user:password@host:port
  • Updated timestamp format in Sauce Connect log files to a more user friendly format "YYYY-MM-DD HH:MM:SS.sss".
  • Print a warning about performance impact while running Sauce Connect in very verbose mode.
  • Scrub access key from very verbose Sauce Connect logs.

Aug 03 2018


  • The Sauce Connect Proxy client now starts up properly on MacOS X 10.11 and below.

  • The Sauce Connect Proxy client now terminates if it cannot connect to the Sauce Cloud for more than 5 minutes.  

Feb 28 2018



Bug Fixes

  • Fixed a bug where HTTP headers with empty values are not parsed correctly.

Dec 08 2017



Bug Fixes

  • --proxy-userpwd option doesn't accept passwords with a special character.
  • --proxy-userpwd option ignores authentication credentials for proxies in a PAC file. The initial attempt to fix this issue in 4.4.6 required some additional changes.
  • --doctor option throws errors about 2 non-existent hosts.
  •  Sauce Connect fails to run on Windows systems with international characters in the path.

Known Issues

  • Sauce Connect for European Real Device Cloud prints an error message on startup. The error message looks like below and can be safely ignored.
    "Error in checkUpdate: error querying from"

Nov 13 2017


Bug Fixes
  • Improved error propagation from PAC files while using external functions like DNS resolution. 
  • Better error log messages when external function calls in PAC files fail.

Aug 14 2017


New Features
  • Added round trip time to kgp metric (RoundTripTimeMs) to understand the latency impact on each tunnel (another data point that can be used to understand reasons for slower jobs) 
    • We've described the ways this information can be accessed in our docs
  • On top of monitoring metrics that were released as part of the previous release, we are is now exposing additional tunnel monitoring via our REST API. 
    • Specifically, users will be able to track the number of jobs is currently running through each of tunnel by hitting a dedicated rest API endpoint (docs have been updated to include it as well). 
Bug Fixes
  • Fixed a bug that would cause the client to segfault if a REST request failed

Jul 20 2017


New Features
Tunnel Monitoring 

Starting with 4.4.7 customers will be able to track the bandwidth of traffic going through the tunnel (received & transmitted) by connecting to the local HTTP server.
More information on the configuration and what data is exposed & how to access it is available on our documentation

Bug Fixes

* Team has addressed the issue with Sauce Connect creating too many TCP Connections
* Proxy Connection issues when customers are using PAC files on Windows have been resolved 
* Backlashes in PAC files no longer cause errors during the SC Launch

Jun 12 2017



New Feature:

Version 4.4.6 introduces a new method to access the health of the Sauce Connect. When Sauce Connect Proxy is running the following health metrics are exposed.

  • Sauce Connect connections status indicating if this currently alive and healthy.
  • Timestamp when the connection status changed.
  • A running count of how many times the connection was re-established.

For more information please refer : Understanding Sauce Connect Proxy Client Metrics

Bug Fixes and Improvements:

Fixes a bug that would cause SC to use invalid URL's in it's internal proxy, causing --proxy  and --pac functionality to break.

Better logging to indicate the requirement of specifying the absolute path of the PAC file when using the --pac command line flag to start Sauce Connect.

Apr 21 2017



fixed an issue that would cause Go runtime panics on Mac OSX Sierra

fixed a bug introduced in 4.4.4 that caused --proxy-userpwd flag to not function as intended


Simplified client shutdown options. --wait-tunnel-shutdown flag has been removed in Sauce Connect Proxy. From 4.4.5, users won’t require the flag, as the default shutdown behavior has been updated so that Sauce Connect will wait for up to 5 minutes based on pending tests before shutting down, as it normally would when the flag is used.

Mar 16 2017



  • Jansson library is updated to version 2.9
  • Http request headers are logged when running Sauce Connect with the -v flag.   

  • Fixed the issue with --auth flag observed in version 4.4.2

Mar 10 2017



  • Support for glibc versions 2.12 and newer instead of 2.14 and newer. This should enable installation of Sauce Connect in RHEL 6/ Cent OS 6 versions and linux distributions that rely on glibc 2.12.

  • The IP Address of the Virtual Machine that ran the job is included as a header (  X-SL-Chef-IP header) in the logs.

Bug Fixes :

  • Some log lines may have been dropped in cases where a large amount of parallel tests were running through a single client

  • AJAX requests/responses arriving out of order

  • Windows client crash when using the p/-proxy flag

  • a/-auth flag not working as expected since version 4.4.0

  • Client not exiting gracefully if it's parent process died

Mar 09 2017


  • Updated to libcurl 7.51.0
  • Updated to c-ares 1.12.0
  • Removed libunwind
  •  Fixed bug on Windows where the client would panic if run with the option --doctor and without the -l or --logfile option
  • Added license file for open source libraries and updated the SC license
  • Fixed bug to display correct number of jobs when shutting down a tunnel

Nov 30 2016


  • Fixed a crash on Windows caused by log file rotation, only version 4.4.0 was affected by the crash.

Oct 19 2016


Sep 14 2016


  • Fixed a bug with how the --no-remove-colliding-tunnels flag was working for High Availability mode. 
  • systemd & upstart configuration examples to the tarball

Aug 12 2016


  • Sauce Connect Proxy client will no longer resend packets that have already been received by the tunnel at Sauce's data center, thereby reducing resent traffic in poor network conditions.

  • Dependency for GLIBC updated to version 2.14. 

  • General bug fixes

Aug 10 2016


When we released Sauce Connect 4.3.15 some customers noticed an issue causing intermittent crashes in the built-in HTTP proxy typically seen when a PAC is used and HTTPS websites are accessed.

A new version (4.3.16) containing a fix for this is now available for download here:

May 27 2016


  • SC now logs timezone information when it starts up.
  • Error reports from SC now contain more information from logs
  • New feature: rate limiting in the built-in HTTP proxy
        --scproxy-read-limit <X>    Rate limit reads in scproxy to X
                                    bytes per second. This option can
                                    be used to adjust local network
                                    transfer rate in order not to
                                    overload the tunnel connection.
        --scproxy-write-limit <X>   Rate limit writes in scproxy to X
                                    bytes per second. This option can
                                    be used to adjust local network
                                    transfer rate in order not to
                                    overload the tunnel connection.
  • Fixed a crash in the built-in HTTP proxy.
  • Fixed a crash that might have occurred when Sauce Connect tried to reconnect to the server.

May 18 2016


  • SC now triggers a KGP reconnect if it detects no keepalives have gone through after 30 seconds
  • We have added the ability to specify standard out (-) as a log file
  • SC now makes sure perfect forward secrecy and TLS1.1 or TLS1.2 is used when connecting to the tunnel VM

Apr 05 2016


New Features

  • High Availability: Load balance across multiple tunnels

  • Change to shutdown behavior to allow for rolling tunnel restarts

More details on stability improvements can be found in this blog post:


Bug Fixes 

  • Quitting Sauce Connect on Windows doesn't shut down tunnel
  • Illegal instruction: 4 on OS X with SC 4.3.12
  • Race condition when Sauce Connect is trying to clean up its KGP thread
  • Upgrade OpenSSL to 1.0.1q in SC build

Jan 27 2016


Bug Fixes: 
  • http_parser failing to detect where a header field starts
  • Port number is cut off when using PAC
  • SC for Windows crashes on Windows 2012 R2

Nov 10 2015


New Features:
  • Users can now specify which DNS SC should use by adding a “--DNS" flag.
  • Tunnel VMs now have descriptive domain names for easier debugging.
Stability Upgrades: 
  • OpenSSL has been upgraded to 1.0.1p.
  • Bug fixes

Aug 11 2015

  • No labels