Inspect a user's certificate in a request while using the proxy! I am sure this can be done??
Jeryl Cook
Hello,
How do I inspect the user’s certificate of an incoming request to the little proxy using MITM?
For example:
wget https://facebook.com/index.html -e use_proxy on -e https_proxy=https://0.0.0.0:8442 -ca-crt=/mitm.cer –private-key /home/jeryl/.ssh/private.pem –certificate=/home/jmcook3/.ssh/cert/mycert.cer
I want to get this client’s x509 in the MITM implementation little prox.
LittleProxy is running on port 8442
This is easy in for example, a java web server, I would have a filter and extract the certificate like from a request.
//HttpRequest is javax.servlet.http.HttpServletRequest
X509Certificate[] x509s = (X509Certificate[])httpServletRequest.getAttribute(“javax.servlet.request.X509Certi
The x509 I would see the X509 of mycert.cer!
This is not available with LittleProxy(but I hope I can do this..)
In MITM…clientSslEngineFor(SSLSession sslSession) for example I assumed it would be here in the peerCertificates perhaps, but the X509 is not there. It only contains the ‘impersonation’ cert I created so the CN is facebook.com.
Also, I checked in inside my implementation of HttpFlitersSource.filterRequest(io.netty.handler.codec.http.HttpRequest httpRequest,…)
But the httpRequest, does not contain a way to grab anything on that may be in the attribute.
How do I get the user’s client x509 used when connecting over proxy?
Thanks!
