On Tue, 2010-12-28 at 11:06 +0100, Guillaume Rousse wrote: > > I'd gladly try to set up an SSL proxy, but I'd need additional > informations for this. I quickly checked openssl man page, it doesn't > seem to be possible with it. However, googling point me to > http://crypto.stanford.edu/ssl-mitm/. Is that the way to go ? Something like that, perhaps. Or just use 'openssl s_server' and point your client at it, then manually cut and paste its requests into 'openssl s_client' pointed at the real server. Or stick a breakpoint on the SSL_write() and SSL_read() functions (or override them, but that's easier if it's dynamically linked to OpenSSL). Your packet capture is good enough to confirm that it's really connecting over HTTPS, but you knew that already. We really need to see what's *inside* the HTTP connection. -- dwmw2
