On Tue, Mar 16, 1999, Joe and Barbie wrote:
> Thanks for your response - sorry the question was confusing. I would
> prefer not to use a browser to connect to a SSL server at regular
> intervals. I don't know exactly what are the series of messages the
> browser is sending to the remote SSL server. I would like to record
> exactly what the browser is sending, so I can duplicate the connections
> from command-line tools like Curl, etc. Sniffers don't work, since the
> connections are encrypted.
>
> I'll install mod_proxy and use it as a gateway proxy, as you suggested.
> If there's a better way to accomplish the recording task, please let me
> know. I've spent quite a bit of time trying to automate the connections
> from command-line scripts. The remote SSL server does not require
> client authentication. I've configured mod_ssl SLLogLevel to debug -
> very helpfull. The s_client tool distributed with openssl is usefull as
> well (from your FAQ).
To record the HTTPS request for instance Netscape performs you can connect
with it to an "openssl s_server". You'll see the actual HTTP request. So, with
"openssl s_client" you perform a request which is mostly identical to what
Netscape would send (the little differences are just in the SSL layer and TCP
layer, e.g. keep-alives, lingering closes, etc.).
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
