#2 HTTPS man in the middle supprot

closed
nobody
None
5
2003-02-21
2003-01-14
Anonymous
No

I already sent you an e-mail about this but why not do it
the proper way also:

I would like to see HTTPS support. I know this sounds
like a contradiction... filtering encrypted traffic but
proxomitron deals with this in a very elegant way. Well
actually it isn't really elegant but it works.

It uses a home made server certificate which is stored in
de proxomitron directory and uses that one to
communicate 'securely' with the browser. After that it
has succesfully finished the SSL handshake with the
browser it connects with the server and allows any
certificate it may send. This way the sessions is clear
text with during the parsing so that rewriting etc will still
work. (Or passing it thru "tee" for example).

Of course this is very insecure from a PKI point of view
but for my usage it would work perfectly. If you would
implement this you probably have to make it a very
advanced feature with a big fat warning in the readme.

Discussion

  • jason mclaughlin

    Logged In: YES
    user_id=432781

    Hi,

    I did get your original email; unfortunately, the message
    bounced when I attempted to reply.

    This sounds like a really great idea.

    In your original email, you had mentioned that you made
    patches for other projects to add ssl support; I would be
    interested in seeing these patches to learn from them and
    hopefully add this feature into middleman.

    I look forward to your response.

     
  • jason mclaughlin

    • status: open --> closed
     

Log in to post a comment.