Cannot intercept HTTPS Traffic (http works)
452 views
Skip to first unread message
Juergen Dietl
Aug 7, 2015, 10:25:43 AM8/7/15
to OWASP ZAP User Group
Hello World :-)
I am new to ZAP. So it would be very nice if anyone of you could help me.
I have installed ZAP under Windows 7/64. After the installation I created a new SSL root certificate
and imported that in my firefox. And of course I set the proxy to localhost:8080.
But for any reason I cannot see any HTTPS requests.
I can see all HTTP-Requests.
Any idea?
Thanx a lot for all your help.
cheers,
Juergen
I am new to ZAP. So it would be very nice if anyone of you could help me.
I have installed ZAP under Windows 7/64. After the installation I created a new SSL root certificate
and imported that in my firefox. And of course I set the proxy to localhost:8080.
But for any reason I cannot see any HTTPS requests.
I can see all HTTP-Requests.
Any idea?
Thanx a lot for all your help.
cheers,
Juergen
thc...@gmail.com
Aug 7, 2015, 10:34:34 AM8/7/15
to zaprox...@googlegroups.com
Hi.
Is the "HTTP Proxy" configuration selected for all protocols ("Use this
proxy server for all protocols")?
If not, is "SSL Proxy" configured to use ZAP?
If the proxy configuration is correct, are the HTTPS pages shown when
you try to access them? Any error?
Best regards.
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-user...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
Is the "HTTP Proxy" configuration selected for all protocols ("Use this
proxy server for all protocols")?
If not, is "SSL Proxy" configured to use ZAP?
If the proxy configuration is correct, are the HTTPS pages shown when
you try to access them? Any error?
Best regards.
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-user...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
Juergen Dietl
Aug 7, 2015, 10:38:53 AM8/7/15
to OWASP ZAP User Group
Hello,
thanx for your help.
Anwers:
thanx for your help.
Anwers:
s the "HTTP Proxy" configuration selected for all protocols ("Use this
proxy server for all protocols")?
---> YES
If not, is "SSL Proxy" configured to use ZAP?
If the proxy configuration is correct, are the HTTPS pages shown when
you try to access them? Any error?
---> The HTTPS pages show up in the browser without any error.
I have also disabled the windows firewall because its often a guilty part .......
Have a nice day,
cheers,
Juergen
I have also disabled the windows firewall because its often a guilty part .......
Have a nice day,
cheers,
Juergen
thc...@gmail.com
Aug 7, 2015, 10:56:28 AM8/7/15
to zaprox...@googlegroups.com
OK, just to confirm that the HTTPS traffic is really being proxied
through ZAP try changing the local proxy port [1] and check if HTTPS
pages are still shown.
I suppose you do not have any exclusions in the session? [2]
[1]
https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsOptionsLocalproxy
[2]
https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsSessionSessprop#exclude-from-proxy
Best regards.
through ZAP try changing the local proxy port [1] and check if HTTPS
pages are still shown.
I suppose you do not have any exclusions in the session? [2]
[1]
https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsOptionsLocalproxy
[2]
https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsSessionSessprop#exclude-from-proxy
Best regards.
Juergen Dietl
Aug 7, 2015, 11:12:38 AM8/7/15
to OWASP ZAP User Group
OK I cleaned the registry.
Bootet. Reinstalled Browser, ZAP.
Setup all following the tutorial.
And it works. No clue why.
Thanx for all your help.
cheers,
Juergen
Bootet. Reinstalled Browser, ZAP.
Setup all following the tutorial.
And it works. No clue why.
Thanx for all your help.
cheers,
Juergen
thc...@gmail.com
Aug 7, 2015, 11:45:30 AM8/7/15
to zaprox...@googlegroups.com
Great! Thanks for letting us know.
You're welcome!
Best regards.
You're welcome!
Best regards.
Reply all
Reply to author
Forward
0 new messages