filtering SSL proxy?

[Scott Miles]

This may sound like a strange request (and a kludge), but I need to find a way to perform in-transit authentication and filtering based on the content of SSL requests, along with potential dynamic modification of the SSL request.  Could modssl be used as a basis to create a type of filtering SSL proxy?  Basically I have two questions:   - Would it be possible (and even better, does anyone know if this has already been done somewhere), to use modssl to encrypt/decrypt ssl proxy requests so that filtering can be performed on the content?  I do realize that this would trigger browser alerts for certificate mismatches.   - Is it possible to use apache-modssl as a transparent proxy/firewall, such that it transparently filters all connections to port 443 and proxys them?  This isn't critical, as browsers could be reconfigured to specifically point to the proxy, but it would be helpful.   I would appreciate any comments on the level of effort it might take to modify modssl in this way, or if there is any other code package that may be more suited to do this type of work.   For those interested (and I'm sure some are), the intent here is to provide access to various 3rd party web services where our support personnel need to enter customer account numbers.  Rather than have our staff handle account numbers, we'd like to be able to let them use virtual account ids that are dynamically replaced with the customer's actual account numbers when transacting with the destination web site.   Thanks Scott [EMAIL PROTECTED]