Re: Configuring a TLS tunnel for an HTTP browser.

To: peter@easthope.ca
Cc: debian-user@lists.debian.org
Subject: Re: Configuring a TLS tunnel for an HTTP browser.
From: Roberto C. Sánchez <roberto@debian.org>
Date: Tue, 7 Nov 2017 06:50:44 -0500
Message-id: <[🔎] 20171107115044.wbpyldcohzoix7ir@connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, peter@easthope.ca, debian-user@lists.debian.org
In-reply-to: <[🔎] E1eBw01-0000co-0b@dalton.invalid>
References: <[🔎] E1eBw01-0000co-0b@dalton.invalid>

On Mon, Nov 06, 2017 at 09:00:33PM -0800, peter@easthope.ca wrote:
> Hi,
> 
> I'm interested to make a tunnel to allow a local HTTP browser to 
> connect to any remote HTTPS server.  Appears to be possible using 
> Apache.  I've found several Web pages about  proxy service for local 
> HTTPS servers and remote browsers but that's not my interest. Can 
> anyone cite helpful documentation? 
> 
Hi Peter,

I believe that what you want to accomplish can be done with squid.  I
was originally going to suggest stunnel, but that would work to wrap
local inetd-based services with SSL/TLS and your description says you
want the reverse.  I think that the proxy approach is the only way to do
that.

The only thing about which I am not certain is whether the local user
would be able to enter a plan HTTP URL and then squid can transparently
proxy to HTTPS.  Certainly for HTTPS end-to-end you cannot proxy
transparently.

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

References:
- Configuring a TLS tunnel for an HTTP browser.
  - From: peter@easthope.ca

Prev by Date: Re: Anyone using stretch/buster/sid on ARMv4t ?
Next by Date: Re: Fedora has a boot option that forces the installer to recognize a drive as GPT, can this be added to Debian?
Previous by thread: Configuring a TLS tunnel for an HTTP browser.
Next by thread: Fedora has a boot option that forces the installer to recognize a drive as GPT, can this be added to Debian?
Index(es):
- Date
- Thread