Hi Roland, Purpose of this proxy is very simple: We use some kind of ASP ERP via web interface, our service provider doesn't give us other means of interfacing... We need to store some data which flows during the use of this applications... Some part of flow is trough https but it not involves any kind of payment processing or personal information, I am not looking for trouble ;-)... My intention is to setup a proxy which inspects the traffic and save to our db all the pertinent data. As I don't want any doubts about a possibility to spy on company, I thought to make possibility where sys admins will give their cert to proxy (which I don't have) which will then be used when communicating with the clients, and proxy will establish ssl connections versus ASP. The users will be warned that in browser screen there will appear message about company certificate... But my main requirement is that I can inspect all http AND https messages... Is that OK and possible ?
Thanks, Stojce Weber wrote: > Hello Stojce, > > > 2) make it work trough ssl but would have to 'see' the request/response > > 'in clear' > > Before I answer this question, would you please explain the purpose > of your project? You see, TLS/SSL connections are there for a reason: > they are used for *secure* communication of *confidential* data. > > cheers, > Roland > > PS: Years ago, somebody asked on the OpenCard mailing list whether > he could use the software to copy SIM cards for mobile phones... > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
