Thanks for taking the time to answer Amos.
> On port 443 traffic the Host: header is buried inside the encryption. So
> is the whole URL. Until the server contact has been established, certs
> exchanged with the client and the first HTTP request received there is
> no known Host header.
>
> NP: the SSL cert domain name(s) can be wildcard or completely irrelevant
> domain so is not reliable either.
>
This gets me worried. Is what I'm trying to do possible? DNS spoof a
domain (it's resolved to the squid server) and transparent proxy the
https traffic to the real host?
(as a general idea I don't care about the contents of https traffic,
intercepting or otherwise, but because of the dns spoof I have to
forward it to the real host)
> This looks a bit like the server is not permitting your connection
> attempt. The one that would otherwise give Squid the server cert and
> details to pass to the client.
> Is the server software running and listening on port 443 when this test
> is made?
>
Yes, I'm trying with https://google.com.
>
> You are testing from localhost? That is the only machine permitted
> through this Squid. Although you did get Connection Refused instead of
> 403 Forbidden.
>
Yes, I'm testing with localhost.
-M.
Received on Sun Dec 15 2013 - 08:19:57 MST
This archive was generated by hypermail 2.2.0 : Sun Dec 15 2013 - 12:00:05 MST