#1512 Privoxy as a MitM SSL-filtering proxy

closed
5
2012-09-27
2012-09-26
pepak
No

I wonder: Is there a way to set-up Privoxy as a man-in-the-middle filtering proxy? The FAQ only says that "Privoxy can't do much with HTTPS URLs", but I believe that is only true if I require the certificates to remain intact. Surely if I were willing to sacrifice that, Privoxy could make a request to the remote server on my behalf, decrypt it, then encrypt it with its own certificate and send it to my browser. It may be that Privoxy lacks this capability, but I don't see any technical reason why this should be imposible.

(Basically, I want to filter my encrypted traffic, even if it means that I lose the "protection" given my by the "trusted" certificates.)

Discussion

  • Fabian Keil

    Fabian Keil - 2012-09-27
    • assigned_to: nobody --> fabiankeil
    • status: open --> closed
     
  • Fabian Keil

    Fabian Keil - 2012-09-27

    The point of the FAQ is that Privoxy currently has no SSL-MITM support and thus currently can't filter encrypted traffic.

    Adding MITM support is TODO list item #16 but AFAIK nobody is currently working on it:
    http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/TODO?view=markup

    You can work around this by using Privoxy together with something like stunnel.

     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks