Is it possible to connect to a proxy with an SSL (or otherwise encrypted) connection?

Support seems to vary depending on the browser. You should find the "Encrypted browser-Squid connection" section of the Squid documentation relevant. (Note that this is different from its SslBump feature.) More specifically, these links should be of interest:

  • http://dev.chromium.org/developers/design-documents/secure-web-proxy
  • https://bugzilla.mozilla.org/show_bug.cgi?id=378637

Alternatively, if the browser you're using doesn't support it, you could use something like stunnel to establish the connection to the proxy itself.
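As an added example (not part of the answer above or of the linked documents): a proxy auto-config (PAC) file that uses the `HTTPS` keyword so the browser speaks TLS to the proxy itself, plus a small audit helper, meant to be run under Node, that flags PAC results containing entries without TLS to the proxy. The proxy endpoint `proxy.example.com:443` and the helper name `auditPacResult` are assumptions.

```javascript
// Hypothetical TLS-enabled proxy listener; replace with your own.
var SECURE_PROXY = "HTTPS proxy.example.com:443";

// PAC entry point. "HTTPS host:port" makes the browser open a TLS
// connection to the proxy; "PROXY host:port" would send the proxy
// request (including CONNECT targets) in cleartext.
function FindProxyForURL(url, host) {
  // Single-label names and loopback stay off the proxy.
  if (host === "localhost" || host === "127.0.0.1" || host.indexOf(".") === -1) {
    return "DIRECT";
  }
  // Only the TLS proxy is listed: no "; PROXY ..." or "; DIRECT" entries.
  return SECURE_PROXY;
}

// Audit helper (not part of the PAC file): split a PAC result string and
// report every entry that is not a TLS-protected hop to the proxy.
function auditPacResult(result) {
  var findings = [];
  result.split(";").forEach(function (raw) {
    var entry = raw.trim();
    if (entry === "") return;
    var keyword = entry.split(/\s+/)[0].toUpperCase();
    if (keyword === "HTTPS") return;
    if (keyword === "DIRECT") {
      findings.push({ entry: entry, issue: "bypasses the proxy" });
    } else if (["PROXY", "HTTP", "SOCKS", "SOCKS4", "SOCKS5"].indexOf(keyword) !== -1) {
      findings.push({ entry: entry, issue: "no TLS to the proxy" });
    } else {
      findings.push({ entry: entry, issue: "unknown directive" });
    }
  });
  return findings;
}
```

Running `auditPacResult` over the strings an existing PAC file returns shows where a fallback entry would silently drop the encrypted hop.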


SSL certificates (the S in HTTPS) guarantee that there are no eavesdroppers between you and the server you are contacting, i.e. no proxies. Nevertheless, you could use the following hack:

  • Client starts HTTPS session
  • Proxy intercepts the call and returns an ad-hoc generated (possibly weak) certificate Ka, signed by a certificate authority that is unconditionally trusted by the client.
  • Proxy starts HTTPS session to target
  • Proxy verifies integrity of SSL certificate; displays error if the cert is not valid.
  • Proxy streams content, decrypts it and re-encrypts with it
  • Client displays stuff

I think I heard of a solution implementing this. Unfortunately, I can't remember its name.

Tags: Proxy, Tls