On Thu, 5 Dec 2019, Gael GUEGAN via curl-library wrote:
I am new in using the libcurl, and I would like to make a secured tunnel
through a proxy. But before, I would like to be sure that it is possible to
make one using libcurl.
First, make sure that you're really talking about a HTTPS proxy and not just
doing HTTPS through HTTP proxy. A HTTPS proxy speaks HTTPS to the proxy, which
still is an unusual setup.
I have seen that it exists the option CURLOPT_HTTPPROXYTUNNEL.
Yes, but when you speak HTTPS through a HTTP(S) proxy, that is implied.
Would it be sufficient to configure curl with the following options too make
my tunnel secure ?
* CURLOPT_HTTPPROXYTUNNEL = 1L
Not necessary.
* CURLOPT_PROXYTYPE=CURLPROXY_HTTPS
Double-check that you really mean HTTPS and not HTTP.
* CURLOPT_PROXY_SSLCERT
* CURLOPT_PROXY_SSLCERTTYPE
* CURLOPT_PROXY_SSLKEY
* CURLOPT_PROXY_SSLKEYTYPE
These are for using client certificates (sometimes called mTLS, for mutual
authentication). If you need that, then yes use these options.
* CURLOPT_PROXY_CAPATH
If you need to specify a custom path for your HTTPS proxy connection, sure.
* CURLOPT_PROXY_SSL_CIPHER_LIST
If you need to especially customized what ciphers you want to accept for your
HTTPS proxy connection, then this is the right option.
Are all these options enough ?
No, because none of them sets the actual proxy host name. Most of the other
options are optional, not required.
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
| Private help, bug fixes, support, ports, new features
| https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
