Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

http tunnel implementation question #109

Open
phiysng opened this issue Oct 17, 2021 · 1 comment
Open

http tunnel implementation question #109

phiysng opened this issue Oct 17, 2021 · 1 comment

Comments

@phiysng
Copy link

phiysng commented Oct 17, 2021
edited
Loading

When it comes to HTTP Tunnel , nitmproxy decode the payload of the CONNECT payload , which seems not what a tunnel should do.A tunnel should not case about what was in the payload , In theory , at least in my knowledge.

In this approach , http tunnel is not much different from the http proxy.

Meanwhile , It can not pass the tls check when I try to connect to a https website with http tunnel with curl.
becase whe key it get is from the proxy server , not the origin website we wanna go.

curl  --proxytunnel -x http://127.0.0.1:8080 https://www.baidu.com
>>> curl: (77) schannel: next InitializeSecurityContext failed: SEC_E_UNTRUSTED_ROOT (0x80090325)

correct me if I get it wrony.
thanks.
@abbasvalliani
Copy link
Contributor

abbasvalliani commented Oct 17, 2021
edited
Loading

Did you actually add the NITMP proxy cert to your CA store? Generate a certificate, start NITM with a certificate and add the .cer file as a CA cert on your machine. This error should go away. You may be able to provide the self-signed cert directly in curl but read the docs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@phiysng @abbasvalliani