On 07/13/2018 07:08 AM, bruce wrote:
I see different sites/articles on the need to setup a proxy server/certs and to then install/insert the cert in the "browser" location. In my case I'm using a test headless browser, so I'm trying to get a basic model of how this can work.
Encryption algorithms with PFS are gaining more widespread use, and those make passive decryption of traffic more difficult. That's why most of the advice you see on this topic right now involves the use of a proxy server that terminates the TLS connection and relays the requests. (BTW, this is not the "normal" mode of operation for a proxy server, which simply passes-through the encrypted connection).
I don't have any such systems in operation, but I think this one does what you want to do:
https://mitmproxy.org/ _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx/message/VKDXTKDK463B2BISYYIZV3P74NBUQF3H/
