Yarn add having trouble with proxy: "tunneling socket could not be established" #5599

$ yarn add @rails/webpacker 
yarn add v1.5.1
info No lockfile found.
[1/4] Resolving packages...
info There appears to be trouble with your network connection. Retrying...
info There appears to be trouble with your network connection. Retrying...
info There appears to be trouble with your network connection. Retrying...
info There appears to be trouble with your network connection. Retrying...
error An unexpected error occurred: "https://registry.yarnpkg.com/@rails%2fwebpacker: tunneling socket could not be established, cause=write EPROTO 139879873304384:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:../deps/openssl/openssl/ssl/s23_clnt.c:827:
If the current behavior is a bug, please provide the steps to reproduce.
The problem is that I'm behind a corporate proxy.  Here are my relevant env settings, with IPs changed to protect the innocent:
http_proxy=http://10.1.2.3:3128
HTTP_PROXY=http://10.1.2.3:3128
ftp_proxy=https://10.1.2.3:3128
FTP_PROXY=https://10.1.2.3:3128
https_proxy=https://10.1.2.3:3128
HTTPS_PROXY=https://10.1.2.3:3128
no_proxy=localhost,localhost.*,10.*,192.168.*,127.0.0.1
NO_PROXY=localhost,localhost.*,10.*,192.168.*,127.0.0.1
I've tried setting --proxy and --https-proxy command line options, I've tried yarn config set, I've tried npm config set, I've tried variations of all three with strict-ssl=false thrown in for good measure (in both yarn and npm, to be sure).  Always the same result.
Here's the output of yarn config list:
$ yarn config list
yarn config v1.5.1
info yarn config
{ 'version-tag-prefix': 'v',
  'version-git-tag': true,
  'version-git-sign': false,
  'version-git-message': 'v%s',
  'init-version': '1.0.0',
  'init-license': 'MIT',
  'save-prefix': '^',
  'ignore-scripts': false,
  'ignore-optional': false,
  registry: 'https://registry.yarnpkg.com',
  'strict-ssl': false,
  'user-agent': 'yarn/1.5.1 npm/? node/v6.13.1 linux x64',
  'https-proxy': 'https://10.1.2.3:3128',
  proxy: 'http://101.2.3:3128' }
info npm config
{ 'https-proxy': 'https://10.1.2.3:3128',
  proxy: 'http://10.1.2.3:3128',
  'strict-ssl': false }
Done in 0.04s.
N.B. Just to verify that it's not some DDoS like the answer to #1351 said or any other such thing, I can at the same command line run:

wget https://registry.yarnpkg.com/@rails%2fwebpacker

...and get it pulled down immediately.
What is the expected behavior?

I'm not entirely sure, as this is my first experience with yard.  I don't know what a successful yard add looks like, other than no errors. :)
Please mention your node.js, yarn and operating system version.

nodejs: v6.13.1

yarn: 1.5.1

OS: LinuxMint 18.3 (Ubuntu 16.04 base)
👍9