Hi Everyone,
I'm running my client to talk to a service that is behind a proxy. The
channel between the client and the server proxy is established through SSL.
I wish to retain the certificates of the proxy.
Client --- SSL socket (HTTPS) ---> SSL PROXY --- Plain socket (HTTP) --->
Server
The way I do it is to create a context for each request and grab the SSL
session info from the context after each request is executed.
......
HttpClientContext clientContext = HttpClientContext.create();
CloseableHttpResponse response = httpclient.execute(target, httppost,
clientContext);
ManagedHttpClientConnection conn = clientContext.getConnection(
ManagedHttpClientConnection.class);
if(conn.isOpen()) {
SSLSession sslsession = conn.getSSLSession();
X509Certificate[] peerCertChain = sslsession.getPeerCertificateChain();
}
The code works fine when there is no proxy and the server runs SSL. In that
case, I'm able to get the server certificates. However, with the SSL proxy
in the middle, the connection (ManagedHttpClientConnection) I got from the
context is always NOT open. With that, I sort of ran out of ideas to get
the SSL session for the request. Any thoughts?
Thanks in advance!
-Qiang
