Qingshan Xie wrote:
Hello, I am pretty confused about the TCP connections and sessions in the case of proxy server in the middle. Here is the case,Browser -> SSL-Proxy Server -> SSL WebServerthere are two parts in this SSL communication, 1. Browser -> SSL-Proxy Server. Browser sends a HTTPS request, SSL-Proxy server terminates the SSL connection.2. SSL-Proxy Server -> HTTPS WebServer. SSL-Proxy server as a client re-encrypts the request, sends it to backend HTTPS webServer. How many sessions will be, one or two? Can someone help?
The only SSL proxy I know of is a HTTP proxy that supports the CONNECT method. Basically, the browser connects to the proxy, sends "CONNECT" and the name of the host to connect to. The proxy connects to the webserver. The proxy relays any bytes sent from the client to the webserver, and vice versa. If the client closes the connection, the proxy disconnects from the web server, and vice versa. The only thing that the proxy gets to see is the call to "CONNECT", everything else it cannot view because it is encrypted and it does not have the key.
Cheers, Nicholas Sherlock --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx