Is there an HTTP proxy with SSL renegotiation support and HTTPS forwarding?

A

Alexey Akulovich2015-06-22 21:41:36

proxy

Alexey Akulovich, 2015-06-22 21:41:36

Hello.
We are looking for something that could receive requests via HTTP and proxy them further via HTTPS, while being able to TLS renegotiation.
This intermediate proxy must itself establish an HTTPS connection and accept certificates in the settings.

squid just pumps traffic, renegotiation was cut from nginx back in 0.8...

I want something like nginx with its proxy_ssl_certificate and proxy_pass: we give it a URL, additional headers, request body; he answered us - the answer of the remote side + http status.

And yes, I am aware that this is MiM and other horrors - there is no choice, it must be so.

Thanks in advance!

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Alexey Akulovich, 2015-07-02
@AterCattus

In general, in the end, everything turned into a small Go daemon that accepts requests via HTTP and goes via HTTPS to problem servers via libcurl (cgo). The most important thing in this bundle is libcurl.
We start a pool of such processes, and everything turns out quite well.

S

Sergey N, 2015-06-23
@Albibek

Maybe this will help: wiki.squid-cache.org/Features/SslPeekAndSplice