Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

Re: Re: HTTP::Daemon and SSL

by steves (Curate)
on Jul 08, 2002 at 08:39 UTC ( #180118=note: print w/replies, xml ) Need Help??

in reply to Re: HTTP::Daemon and SSL
in thread HTTP::Daemon and SSL

Well I made some progress based on these suggestions. What I did so far is this:

  • Copied HTTP::Daemon and modified it as rob_au suggested to make an SSL version;
  • Used that base to create an SSL proxy in addition to the existing HTTP proxy I already had. This was done by subclassing the proxy class I already had and overriding the creation of the daemon with the SSL version;
  • Created a server certificate. This is where most of the time went. Creation of server certificates was a bit new to me and not really clearly documented in the OpenSSL docs.

At this point I had two proxy server classes: one for HTTP and one for SSL. I built two stub servers using those and fired them up. The results so far are that I can connect to the SSL proxy fine and it's able to see the HTTP traffic going back and forth if I send it the requests explicitly. But I can't get the server to be used as a true proxy by setting it in the browser. When I do that, OpenSSL complains when it sees the clear text CONNECT request, spitting out this proxy error with DEBUG on:

error message: 'SSL_accept: 'error:1407609B:SSL routines:SSL23_GET_CLI +ENT_HELLO:https proxy request
So it looks like OpenSSL wants some special set up for proxies I'm not seeing just yet ... either that or it explicitly prohibits them.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://180118]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (3)
As of 2022-05-25 00:34 GMT
Find Nodes?
    Voting Booth?
    Do you prefer to work remotely?

    Results (84 votes). Check out past polls.