Decrypting HTTPS traffic with BlueCoat reverse proxy
Just submitted as KB article to bluecoat :) Common example scenario: An SSL reverse proxy is deployed, and at some stage in the troubleshooting process a packet capture of the HTTPS traffic is required...
View ArticleUpdate: SQUID transparent SSL interception : Squid v3.2
In order to keep this blog post a bit more relevant, there have been some improvements since that post was written. Squid v3.2 has been released earlier this year, making ssl interception more seamless...
View ArticleExporting / saving decrypted data from wireshark
Elaborating on my previous post, “Decrypting https traffic with bluecoat reverse proxy” in support or troubleshooting situations most of the time the end client would not be willing to give up any...
View ArticleNugget post: Lessons learned in SSH password-less login
There are plenty of guides on how to setup SSH login to a remote host without having to provide a password. The one I followed was:...
View ArticleUsing client certificate authentication w/ BC ProxySG
Had to deal with an interesting case lately. This is what the customer wanted: as you can see, the link between the client and the ProxySG is to be negotiated using HTTPS, while the link between the...
View ArticleRedirecting HTTPS sites using ProxySG
Some customers often ask when using a proxy, if it’s possible to redirect one HTTPS site to another. IE will not accept a non-2xx code in response to an HTTPS. Officially, there is nothing more to it,...
View ArticleSSL session ID & IPS
Intermittent access issues to HTTPS sites… Issue : Randomly, the same HTTPS site would sometimes not respond. IE would show its very unhelpful “page cannot be displayed” while firefox displays the...
View ArticleSQUID transparent SSL interception
July 2012: Small update on new versions of squid (squid v 3.2) here There seems to be a bit of confusion about configuring SQUID to transparently intercept SSL (read: HTTPS) connections. Some sites say...
View Article
More Pages to Explore .....