https proxy

[Paul Sweeney]

Paul Rubin wrote:
> john at hazen.net (John Hazen) writes:
> > Although, if this is just for testing, I think you could trick the
> > browser by running a proxy on a different machine that accepts an HTTPS
> > connection, and creates another HTTPS connection with the destination
> > server.  Then run your own DNS server that hands back bogus answers to
> > every request resolving to the proxy's IP address.
>
> You can use /etc/hosts for that.  No need for running your own DNS.
> But why bother?  Just configure the browser send requests through the
> proxy.

agreed, no need to involve DNS, just set as proxy in browser connection
settings

>
> > The browser will talk HTTPS to the proxy, thinking it's talking to the
> > target server.  Of course, this will trigger the "certificate doesn't
> > match IP address" type of warning, but I think most browsers will let
> > you continue after warning you.
>
> Yes, or you can generate a cert with the right hostname in it, and
> install it in the browser as a trusted cert.

This is not a problem since it is ok to have to click on the certificate
warning box that will come up in the browser.

>
> To the OP, are you trying to debug a server-side app?  If you're not
> trying to send actual confidential data through the SSL connection and
> if you can configure the server, it's probably simplest to just open a
> non-SSL port, unless you're trying to debug something SSL-specific.

Unfortunately I don't have access to the target server, so this is not an
option (see you other post to this thread for a more description of the
problem)

Thanks