I read here
http://rt.openssl.org/Ticket/Display.html?id=266user=guestpass=guest
of support for an https proxy CONNECT command but I don't see it in
the documentation https://www.openssl.org/docs/apps/s_client.html
__
OpenSSL
http://rt.openssl.org/Ticket/Display.html?id=266user=guestpass=guest
of support for an https proxy CONNECT command but I don't see it in the
documentation https://www.openssl.org/docs/apps/s_client.html
It's not implemented yet.
: MiƩrcoles, 13 de Noviembre de 2002 03:26 p.m.
Para: [EMAIL PROTECTED]
Asunto: Is a https proxy possible?
We are trying to set up a system where a server can act as a
proxy for
http, while automaticaly encrypting all proxied communication
via https.
For example:
(web server) --https
To: [EMAIL PROTECTED]
Subject: Is a https proxy possible?
We are trying to set up a system where a server can act as a
proxy for
http, while automaticaly encrypting all proxied communication
via https.
For example:
(web server) --https-- (proxy) --http-- (browser)
The whole
communication via https.
For example:
(web server) --https-- (proxy) --http-- (browser)
The whole point of this is to be able to analyze the unencrypted
network traffic between the proxy and the browser.
Is this even possible? If it is, what would you suggest I use to
implement
On Wed, Nov 13, 2002 at 04:24:38PM -0300, Alejandro Rusell wrote:
I don't know of any option in the clients (browsers) that support
your scenario.
BTW, what do you mean with analyze unencrypted network traffic?
Should it be encrypt/protect unencrypted network traffic?
We have a web system
Mike Alberghini [EMAIL PROTECTED] writes:
On Wed, Nov 13, 2002 at 04:24:38PM -0300, Alejandro Rusell wrote:
I don't know of any option in the clients (browsers) that support
your scenario.
BTW, what do you mean with analyze unencrypted network traffic?
Should it be encrypt/protect
Presumably the point of this exercise is to be able to analyze normally
encrypted traffic.
That's what I thought when I first read your problem description.
IMHO, you're going at this the wrong way. Set up a second box running
snort. Set it up to read the encrypted traffic... and use a
thanks, looks like it might help.
- Original Message -
From: GOLDING,CHARLTON (Non-HP-Corvallis,ex1) [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, March 15, 2002 12:45 AM
Subject: RE: Net::SSLeay .. https-proxy-sniff.pl .. How can I snoop an MSIE
browser session.
WinPcap came
::SSLeay .. https-proxy-sniff.pl .. How can I snoop an MSIE
browser session.
Check out ettercap ( ettercap.sourceforge.net )
No personal experience, though.
Regards, Martin
__
OpenSSL Project http
Hi,
I'm using the most excellent https-proxy-sniff from the perl module
Net::SSLeay.
It works fine to sniff a secure transaction from a linux client on the local
host ( to a remote server ), but fails when I try to sniff a transaction
from MSIE on a windows client on the local ( private
O'Riordain
POP account for superquote.co.uk wrote:
Hi,
I'm using the most excellent https-proxy-sniff from the perl module
Net::SSLeay.
It works fine to sniff a secure transaction from a linux client on the local
host ( to a remote server ), but fails when I try to sniff a transaction
from
Check out ettercap ( ettercap.sourceforge.net )
No personal experience, though.
Regards, Martin
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL
Bob Niederman wrote:
etcetera., where $srvr is 'http://servername.domain/file' or
'https://servername.domain/file'
Same general code works fileto the same boxes without proxy (different
route not requiring proxy).
Works fine for http, ethereal shows nothing leaving the box for https,
I'm using Crypt::SSLeay 0.29 with LWP::UserAgent 1.73.
I'm trying to use a proxy. As noted in the doc, $us-proxy() doesn't
work.
However, the workaround suggested:
$ENV{HTTPS_PROXY} = 'http://proxy_hostname_or_ip:port';
$ENV{HTTPS_PROXY} = '127.0.0.1:8080';
Use of the
Bob Niederman wrote:
I'm using Crypt::SSLeay 0.29 with LWP::UserAgent 1.73.
I'm trying to use a proxy. As noted in the doc, $us-proxy() doesn't
work.
However, the workaround suggested:
$ENV{HTTPS_PROXY} = 'http://proxy_hostname_or_ip:port';
$ENV{HTTPS_PROXY} =
refs' error message, but it
still doesn't work. Code is:
$ENV{HTTPS_PROXY} = https://$proxy:8080/;;
$ENV{HTTP_PROXY} = http://$proxy:8080/;;
$ua-env_proxy();
$agent = 'Lynx/Chicago DMZ monitoring script';
$ua-agent($agent
I've been trying to set up stunnel on the firewall to accept
SSL-encrypted connections and forward them to internal http
addresses. This is for staff use only, so I don't care about having a
certificate signed by a public CA. I do, however, want to require
users to have certificates.
I've
Have you found any other solution to this? I would appreciate your
help.
Here an idea:
- You create an https proxy (it may also be an http proxy) running
on localhost.
- The proxy is actually a CA. when it receives a connect request,
it creates on the fly a server certificate signed
Carlos Vicente [EMAIL PROTECTED] writes:
Browsing through the archives I found this post of yours. I am now
working exactly on the same kind of SSL proxy you described, and I'm
stuck exactly on the same problem. It's clear that browsers initiate
the SSL session --sending the ClientHello
I'm resending this because I've been having mailer problems.
Sorry if you get it twice.
Carlos Vicente [EMAIL PROTECTED] writes:
Browsing through the archives I found this post of yours. I am now
working exactly on the same kind of SSL proxy you described, and I'm
stuck exactly on the same
Carlos Vicente wrote:
Hi Allan,
As far as I am aware an proxy server must support the CONNECT
method, and this is what a Client will use to establish a connection
on a port other than 80
Browsing through the archives I found this post of yours. I am
now
working exactly on the same kind of SSL
Hi,
Perhaps a little off-topic, but think it is still relevant. Now our ca is
nearing completion we are thinking about setting up a pilot testsite.
What we want to do is the following:
Outside -- WebsiteA -- |firewall| -- WebsiteB
We want our employees to be able to get to websiteB through
23 matches
Mail list logo