WinGate Forums

[yadie099]

How can I use transparent redirection for http secure session on port 443?
I tried adding the port in the www proxy - Session - Transparent proxy, but when I do this https pages cannot be displayed.
Https sessions are fine if the browser is configured for a proxy, but I want to be able to transparently redirect without configuring the browser for a proxy.

[adrien]

the short answer is that you can't intercept SSL connections. This is for a couple of reasons, the first one being that these connections are negotiated end to end and encrypted. If we intercepted such a connection, we would break it.

Having said that, it probably is now possible to intercept such connections with WinGate 6.0 beta 3, however the client browser will complain that the SSL certificate does not match the one it expects to see since it will see WinGate's one. Furthermore WinGate would connect on to the next server with just HTTP, this would more often than not fail.

All in all, not a good idea. In fact this is called the man-in-the-middle attack. If you want your users to be able to use HTTPS, the easiest thing to do is do nothing - let them just make NAT connections.

Adrien

[yadie099]

Thanks
ssl connections work fine when proxy is setup in the browser. I wondered if it could work without explicitly setting a proxy in the browser.

[adrien]

If you take the proxy setting out of the browser for HTTPS, then it should just make a connection through WinGate's ENS without any problems.

Adrien