For proxying connections embedded in SSL, a properly configured proxy for the embedded protocol is required — the best way is to derive an own proxy class and modify its parameters, but you can use a built-in proxy (for example, the HttpProxy
for HTTPS traffic) if its default behavior is acceptable for you. The SSL-framework validates the certificate of the server, decrypts the secure channel, then passes the data to the proxy. To transfer traffic that does not have a native proxy, or to inspect only the SSL connection without analyzing the embedded protocol, use PlugProxy
.
For details on deriving and modifying proxies, see Section 6.6, Proxy classes in Proxedo Network Security Suite 1.0 Administrator Guide.
The following procedure describes how to configure Application-level Gateway proxies to handle SSL/TLS connections. For the configuration examples, an Http proxy will be used to inspect HTTPS connections — you can use other proxies similarly to inspect IMAPS, POP3S, and other types of traffic.
Published on June 04, 2020
© 2007-2019 BalaSys
Send your comments to support@balasys.hu