After following the instructions in TECH220170 (Configuring Secure ICAP for Network Prevent for Web), the connection between Network Prevent for Web and the Proxy is still failing.
In the Stunnel log, it can be found:
<date> <time> LOG7[main]: Remove session callback
<date> <time> LOG7[main]: Deallocating application specific data for session connect address
The proxy does not accept connections with TLSv1.
Modify the stunnel configuration file (stunnel.conf) to include:
sslVersion = all
options = NO_TLSv1