SSL Proxying

By Jon Udell

February 14, 2001

(SSL Proxying :  Page 1 of 3 )

In this Article

SSL Proxying A Window Into Encrypted Client/Server Conversations Do-It-Yourself SSL Proxying?

To relay traffic through it, set your browser's HTTP proxy to localhost:8080. In Netscape, that's Edit->Preferences->Advanced->Proxies->Manual Configuration->View->HTTP. In MSIE, it's Tools->Internet Options->Connections->LAN Settings->Proxy Server->Use a Proxy Server.

Now you can watch the conversation between your browser and a Web server in Proxomitron's log window. Here's the browser on my Windows machine talking to the server on my Linux machine, as seen in the log window:

A browser requests a script, with parameter foo=bar:

GET /cgi-bin/test?foo=bar HTTP/1.0
Connection: keep-alive
User-Agent: Mozilla/4.5 [en] (WinNT; I)
Host: udell.test
Accept: image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, image/png, */*
Accept-Encoding: gzip
Accept-Language: en
Accept-Charset: iso-8859-1,*,utf-8

The server responds like this:

HTTP/1.1 200 OK
Date: Wed, 14 Feb 2001 18:43:20 GMT
Server: Apache/1.3.12 (Unix)  (Red Hat/Linux) 
mod_ssl/2.6.6 OpenSSL/0.9.5a mod_perl/1.24
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
Connection: keep-alive
If-Modified-Since: 
Wed, 23 Aug 2000 19:45:13 GMT; length=2890
User-Agent: Mozilla/4.5 [en] (WinNT; I)
Pragma: no-cache
Host: udell.test
Accept: image/gif, image/x-xbitmap, image/jpeg, 
image/pjpeg, image/png, */*
Accept-Encoding: gzip
Accept-Language: en
Accept-Charset: iso-8859-1,*,utf-8

In this case, the script, /cgi-bin/test, just echoes the name/value pairs it received.

This is useful because, as I mentioned last time, quite a few website APIs are made of nothing more than HTTP headers and GET requests, which you can analyze in Proxomitron's log window.

 Page 1 of 3 Next page