On Tue, Mar 16, 1999, Joe and Barbie Oravetz wrote:
> I would like to automate a series of connections to an SSL remote server
> without using a browser. I have Apache-modssl installed properly and
> was wondering if I could configure my local server to monitor what my
> browser sends to the remote SSL server. I connect to the remote SSL
> server frequently - it uses Cookies, Server Redirects, Post Forms, etc.
> - all of which make connection automation a little challenging. I'm
> currently using tools like Curl, Net::SSleay, and the LWP modules
> (thanks to Stenberg, Sampo, and Gisle Aas) to establish connections from
> the command line.
>
> Is it possible to use the local Apache-modssl server as a proxy monitor
> on the same machine as a browser - what is the configuration procedure?
I'm not sure what exactly you want to do, because to monitor something hasn't
usually anything to do with automating connections. So I try two separate
answers:
1. Actually just monitoring an SSL inside a proxy isn't possible,
because the data passes the proxy opaque and the proxy cannot easily
decrypt the SSL messages, of course. But when your proxy is a gateway, the
things are different, of course. In this case you speak to the proxy as it
would be an origin server and the proxy speaks to the remote server as it
would be a client and not a proxy. Then it's possible that you log/monitor
the traffic, of course. mod_ssl currently adds only HTTPS support to
mod_proxy without authentication support, so as long as your remote server
doesn't require client authentication you can use mod_proxy for this. In
combination with SSLLogLevel debug you get your monitoring facility.
2. To automate connections to a remote SSL server tools like
cURL and Net::SSLeay _are_ the correct tools. I see no other option,
because every automation has to be programmed and those tools support this
very nicely (especially Net::SSLeay). So, when you want to perform
automated connections use _these_ tools, of course.
Perhaps my answers make you still not happy because I don't fully understand
the combination of automation and monitoring in your question. Feel free to
complain and ask again in more detail...
Greetings,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
