You set HTTP_PROXY , configure Windows/macOS system proxy, or enforce a PAC file — yet Elgato’s services connect directly to AWS endpoints as if no proxy exists.
If you’ve ever set up a corporate proxy, a transparent filtering proxy, or even a local debugging proxy like Charles or Burp Suite, you might have noticed something puzzling: Elgato devices and software (Stream Deck, Camera Hub, Control Center) seem to ignore your proxy settings entirely. elgato bypasses proxy
Using Wireshark or a local firewall, you’ll see: You set HTTP_PROXY , configure Windows/macOS system proxy,
# Example: redirect all TCP/443 from StreamDeck process to local proxy iptables -t nat -A OUTPUT -p tcp --dport 443 -m owner --uid-owner elgato_user -j REDIRECT --to-port 8080 TLS pinning will still break HTTPS interception. Solution 2: Virtual Router / VPN Gateway Run a virtual machine or router (pfSense, OPNSense) that forces all traffic through an upstream proxy using squid + tproxy . Elgato has no way to bypass because it’s at the IP layer. Solution 3: Disable Certificate Pinning (Hacky, Not Recommended) For debugging only: patch the Elgato binary to remove pinning checks (e.g., using insert_dylib on macOS or DLL injection on Windows). This breaks each update. The Official Word from Elgato Corsair/Elgato support acknowledges this in internal tickets: “Our software does not support proxy configurations. Please ensure direct internet access for all Elgato services.” Solution 2: Virtual Router / VPN Gateway Run
This isn’t a bug. It’s a deliberate design choice with deep implications for network security, monitoring, and troubleshooting. Let’s unpack exactly what’s happening under the hood. True — for most standard proxy configurations.