So following your advice to my question: ‘Behind a proxy’, I am trying to use it now with SSL, so far with no success.
I am behind an external proxy but I use also an internal one (localhost:8008) that points to the external proxy so I can get more feedback for my experiments.
I have the following script:
The Problem here is that a forward proxy do no normaly no SSL termination. The initial connect to the forward proxy is plain, after the forward proxy opens the connection your webserver it just let through every thing you send, that is the point where you have to turn on SSL.
CLIENT
# connect to your proxy
_REQ localhost 8008
# send the first line so your proxy knows where to connect
__GET https://mydomain.com HTTP/1.1
# now turn on SSL
_SSL_CONNECT SSL cert.pem privkey.pem
__Host: mydomain.com
__
_EXPECT . "200 OK"
_WAIT
END
I didnt check if this works, but quiet sure it does. And because a forward proxy do normaly no SSL termination, you will not see anything on your local proxy, except your local proxy do also have the private key for this SSL connection.
Httest can do SSL, SSL2, SSL3, TLS1, just write the one you need before the port.
It ist better to go direct to your application. With forward proxy in between things becomme complicated and weired :)
If you wanna check what happens firefox and httpfox is better. I do testing that way, first investigate with firefox and read what happen and then do a httest to be able to reproduce the problem anytime.
Best regards
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
So following your advice to my question: ‘Behind a proxy’, I am trying to use it now with SSL, so far with no success.
I am behind an external proxy but I use also an internal one (localhost:8008) that points to the external proxy so I can get more feedback for my experiments.
I have the following script:
CLIENT
_REQ localhost SSL:8008 cert.pem privkey.pem
__GET https://mydomain.com HTTP/1.1
__Host: mydomain.com
__
_EXPECT . "200 OK"
_WAIT
END
This results with the following error:
Handshake failed: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown proTocol
I also tried different ways with the first line such as:
_REQ localhost 8008 SSL:443 cert.pem privkey.pem
That gives the error:
“javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?”
Thanks a lot for your help!
Ofer
The Problem here is that a forward proxy do no normaly no SSL termination. The initial connect to the forward proxy is plain, after the forward proxy opens the connection your webserver it just let through every thing you send, that is the point where you have to turn on SSL.
CLIENT
# connect to your proxy
_REQ localhost 8008
# send the first line so your proxy knows where to connect
__GET https://mydomain.com HTTP/1.1
# now turn on SSL
_SSL_CONNECT SSL cert.pem privkey.pem
__Host: mydomain.com
__
_EXPECT . "200 OK"
_WAIT
END
I didnt check if this works, but quiet sure it does. And because a forward proxy do normaly no SSL termination, you will not see anything on your local proxy, except your local proxy do also have the private key for this SSL connection.
Httest can do SSL, SSL2, SSL3, TLS1, just write the one you need before the port.
It ist better to go direct to your application. With forward proxy in between things becomme complicated and weired :)
If you wanna check what happens firefox and httpfox is better. I do testing that way, first investigate with firefox and read what happen and then do a httest to be able to reproduce the problem anytime.
Best regards