https proxy

[Paul Rubin]

john at hazen.net (John Hazen) writes:
> Although, if this is just for testing, I think you could trick the
> browser by running a proxy on a different machine that accepts an HTTPS
> connection, and creates another HTTPS connection with the destination
> server.  Then run your own DNS server that hands back bogus answers to
> every request resolving to the proxy's IP address.

You can use /etc/hosts for that.  No need for running your own DNS.
But why bother?  Just configure the browser send requests through the
proxy.

> The browser will talk HTTPS to the proxy, thinking it's talking to the
> target server.  Of course, this will trigger the "certificate doesn't
> match IP address" type of warning, but I think most browsers will let
> you continue after warning you.

Yes, or you can generate a cert with the right hostname in it, and
install it in the browser as a trusted cert.

To the OP, are you trying to debug a server-side app?  If you're not
trying to send actual confidential data through the SSL connection and
if you can configure the server, it's probably simplest to just open a
non-SSL port, unless you're trying to debug something SSL-specific.