Hi, I'd like to use my rPi as a web proxy with ssl inspection to modify incoming web pages from a https web forum, the idea is to create a script to parse the html and filter out "blocked" user content.
I found a site describing how to recompile Squid for SSL but it didn't work, various links in the scripts were out of date and I couldn't fix it. I'm not sure if this is the right way to do it anyhow.
https://docs.diladele.com/administrator ... index.html
Anyone know how to do this? TIA
Re: rPi as a SSL web proxy
I am not sure if I interpret your description correctly. Why that sounds like the description of “man-in-the-middle” attack? If that is feasible, then HTTPS is useless. Communication via SSL (e.g. HTTPS) are supposed to be secure that nobody in between (including any proxy) should able to see the contents nor modify the contents.
Sorry if I have a wrong understanding of your description.
Sorry if I have a wrong understanding of your description.
Re: rPi as a SSL web proxy
Yes it's mitm but you install a certificate on the client to allow it.
-
davegermiquet
- Posts: 1
- Joined: Sat Dec 15, 2018 2:49 am
Re: rPi as a SSL web proxy
Hello,
I was able to do this put its pretty slow on the Raspberry 2 Model B+
Where did you get stuck i can help..
I was able to do this put its pretty slow on the Raspberry 2 Model B+
Where did you get stuck i can help..
Re: rPi as a SSL web proxy
Hi,
Why don't you terminate the HTTPS on your Pi with apache (if you have the cert you can do it) and forward the content in plain HTTP? You can "inspect" the html and remove the "blocked" parts using mod_substitute.
I'm not saying it will be efficient or fast though.
Cheers,
bzt
Why don't you terminate the HTTPS on your Pi with apache (if you have the cert you can do it) and forward the content in plain HTTP? You can "inspect" the html and remove the "blocked" parts using mod_substitute.
I'm not saying it will be efficient or fast though.
Cheers,
bzt