ash73
Posts: 11
Joined: Mon Jan 30, 2017 12:52 pm

rPi as a SSL web proxy

Wed Jan 24, 2018 5:02 pm

Hi, I'd like to use my rPi as a web proxy with ssl inspection to modify incoming web pages from a https web forum, the idea is to create a script to parse the html and filter out "blocked" user content.

I found a site describing how to recompile Squid for SSL but it didn't work, various links in the scripts were out of date and I couldn't fix it. I'm not sure if this is the right way to do it anyhow.

https://docs.diladele.com/administrator ... index.html

Anyone know how to do this? TIA

User avatar
bertlea
Posts: 296
Joined: Wed Dec 07, 2016 6:33 am
Location: Hong Kong

Re: rPi as a SSL web proxy

Fri Jan 26, 2018 3:02 am

I am not sure if I interpret your description correctly. Why that sounds like the description of “man-in-the-middle” attack? If that is feasible, then HTTPS is useless. Communication via SSL (e.g. HTTPS) are supposed to be secure that nobody in between (including any proxy) should able to see the contents nor modify the contents.

Sorry if I have a wrong understanding of your description.

ash73
Posts: 11
Joined: Mon Jan 30, 2017 12:52 pm

Re: rPi as a SSL web proxy

Fri Jan 26, 2018 1:43 pm

Yes it's mitm but you install a certificate on the client to allow it.

davegermiquet
Posts: 1
Joined: Sat Dec 15, 2018 2:49 am

Re: rPi as a SSL web proxy

Sat Dec 15, 2018 2:50 am

Hello,

I was able to do this put its pretty slow on the Raspberry 2 Model B+

Where did you get stuck i can help..

bzt
Posts: 393
Joined: Sat Oct 14, 2017 9:57 pm

Re: rPi as a SSL web proxy

Sat Dec 15, 2018 7:42 pm

Hi,

Why don't you terminate the HTTPS on your Pi with apache (if you have the cert you can do it) and forward the content in plain HTTP? You can "inspect" the html and remove the "blocked" parts using mod_substitute.

I'm not saying it will be efficient or fast though.

Cheers,
bzt

Return to “Networking and servers”