5

If I set up a proxy (such as Squid for example) configured with certs to listen for HTTPS are browsers able to connect to the proxy over TLS/SSL?

Example of what I'm asking:

Browser Proxy Server yahoo.com -> TLS -> Squid -> HTTP -> yahoo.com

I've set up a proxy listening on 443, but am not having success getting browsers to use it (connecting to the http proxy on port 80 works fine).

jm.
  • 23,422
  • 22
  • 79
  • 93
David Parks
  • 30,789
  • 47
  • 185
  • 328
  • Belongs on http://superuser.com – NullUserException Sep 25 '10 at 16:44
  • Yes, you can do that. But you need to employ a https proxy server and use a `pac` file for the brower, GUI configuration for SSL connection to a proxy is not yet supported for both Chrome and Firefox . See my question and answer [HTTPs proxy server only works in SwitchOmega](https://stackoverflow.com/questions/56981993/https-proxy-server-only-works-in-switchomega). – Rick Jul 12 '19 at 01:24

2 Answers2

6

Chrome can do that: http://www.chromium.org/developers/design-documents/secure-web-proxy

It also supports a directive in PAC file to point to HTTPS proxy.

Andris Attack
  • 61
  • 1
  • 1
  • From that page, it looks like this is possible without running any tunnel on the client side - Chrome supports it directly. – thomasrutter Jul 09 '14 at 00:47
2

If you want to secure your communication between browser and proxy, use STunnel (SSL tunneling) or VPN or SSH tunnel to the "proxy" server, then run your communication over this secure tunnel. I.e.:

Browser -> STunnel on the client -> STunnel on the server -> Squid Proxy -> Remote host

To answer your direct question - what you want is for the browser to act in a similar way to STunnel itself. I don't know a browser or even HTTP/HTTPS component (if we are on a programming site) to work this way.

Eugene Mayevski 'Callback
  • 45,135
  • 8
  • 71
  • 121