Index: urllib3-1.26.18/changelog/3268.bugfix.rst
===================================================================
--- /dev/null
+++ urllib3-1.26.18/changelog/3268.bugfix.rst
@@ -0,0 +1 @@
+Fixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS.
Index: urllib3-1.26.18/test/with_dummyserver/test_socketlevel.py
===================================================================
--- urllib3-1.26.18.orig/test/with_dummyserver/test_socketlevel.py
+++ urllib3-1.26.18/test/with_dummyserver/test_socketlevel.py
@@ -1226,7 +1226,8 @@ class TestSSL(SocketDummyServerTestCase)
         self._start_server(socket_handler)
         with HTTPSConnectionPool(self.host, self.port, ca_certs=DEFAULT_CA) as pool:
             with pytest.raises(
-                SSLError, match=r"(wrong version number|record overflow)"
+                SSLError,
+                match=r"(wrong version number|record overflow|record layer failure)",
             ):
                 pool.request("GET", "/", retries=False)
 
Index: urllib3-1.26.18/src/urllib3/connectionpool.py
===================================================================
--- urllib3-1.26.18.orig/src/urllib3/connectionpool.py
+++ urllib3-1.26.18/src/urllib3/connectionpool.py
@@ -768,7 +768,8 @@ class HTTPConnectionPool(ConnectionPool,
                 # so we try to cover our bases here!
                 message = " ".join(re.split("[^a-z]", str(ssl_error).lower()))
                 return (
-                    "wrong version number" in message or "unknown protocol" in message
+                    "wrong version number" in message or "unknown protocol" in message or "record layer failure" in message
+
                 )
 
             # Try to detect a common user error with proxies which is to