Results 1 to 3 of 3

Thread: How should my Proxy handle SSL/https request

  1. #1
    Junior Member
    Join Date
    Nov 2001

    How should my Proxy handle SSL/https request

    I am in the proces of coding a proxy server (in C) and am having difficulty with the SSL aspect.
    When receiving an http request, I simply forward the whole message (GET htpp;// \n User-Agent:...\n etc. ) to the appropriate server, and it works fine. But when an SSL(https) request arrives (CONNECT HTTP/1.0 \n User-Agent:...\n etc.), I try to forward this to the server (on port 443) in the same fashion.

    This does not work as I am not getting any response back (not even an error). I think I have to manipulate the request message (ex. remove the "CONNECT" and ":443", but I am not sure how to properly format it. After several tries with different formats, I am still lost and frustrated.
    Anyone know how to format the SSL message. i.e. What should my proxy forward to the secure server? I simply want to act as a tunnel between client and server (Client <--> Proxy <--> Server.

    Maybe it is not even a matter of reformatting, but something else? I don't think I need to exchange keys/certificates as the Proxy, but maybe a different type of connection besides the standard connect() needs to be made? Any help appreciated.


  2. #2
    Join Date
    Aug 2001
    Here 's a link to OD's SSL-proxy program. Source code is included, so you should be able to find something in there

  3. #3
    Junior Member
    Join Date
    Jul 2001
    Port 443 will be expecting an SSL connection while you will have decrypted the connection at the proxy... Try using OpenSSL and stunnel to re-encrypt the connection and then forward to the secure server.

    Hope that helps...


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts