From: Won S Yoon <won@MIT.EDU> - 2004-11-06 15:33:25
I am running Shweby with the Net Appliance ICAP server, and I notice that
certain web pages with HTTPS simply get passed through Shweby without
going through any ICAP modification. I am running the ICAP server in
'verbose' mode and there no debugging statements at all for these HTTPS
Does anyone know if this is done on purpose? Does Shweby intentionally
avoid modifying HTTPS connections? I understand that this would be done
for security purposes; but just out of curiosity, is there any way to
have ICAP do any kind of modification on these HTTPS messages?
From: Won S Yoon <won@MIT.EDU> - 2004-11-07 16:16:01
Thanks for the response. In fact I have tried using Squid, but it seemed
to be having too many problems, crashing and what not. I started looking
for a simpler, more stable ICAP-enabled proxy server, and that's what led
me to Shweby. All I need is a small and stable proxy server with ICAP
capabilities. I guess I'll keep playing around with Shweby and see how
Thanks for your help!
On Sun, 7 Nov 2004, Riadh Elloumi wrote:
> Hi Won,
> You are right, Shweby does not modify any HTTPS requets or responses
> because they are encrypted and Shweby hasn't the encryption keys (they
> are stored in the client and in the server)... Actually, newer releases
> of Middleman (The base proxy of Shweby) embed SSL encryption &
> decryption engine, so the proxy can decrypt the HTTPS traffic. To enable
> this feature in Shweby, we need merging it with Middleman. However, I
> wont do this in a near future, because the activity and the interest in
> Shweby is very small.
> I see also that Squid is progressing and contains ICAP in its
> development road map... Have you evaluated it Won?
> Best regards,