4

I am here looking for resources or sample code for a proxy server, written in Java, which can handle both HTTP and HTTPS requests. I searched Google and found a lot of data on how to handle HTTP requests, but not HTTPS.

2
  • What is the use case? Stephen C provides the correct answer to a generic question. Are you perhaps talking about a need for SSL off-loading? Situations where your webserver technology does not support encryption? Commented Apr 22, 2012 at 15:04
  • Are you after a proxy server that you'll be able to configure in most browsers (what I'd call a "normal" HTTP/HTTPS proxy), or something that's able to look into the HTTPS requests too (what I'd call a "MITM proxy"), which would require the browser to allow itself to be fooled into trusting its certificates? Commented Apr 22, 2012 at 23:16

2 Answers

2

A proxy cannot handle HTTPS and still provide end to end security. It is not possible using SSL/TLS which is what HTTPS is built on.

And a proxy that doesn't provide end-to-end security only has limited utility. So I'm not surprised you can't find an existing implementation.


3 Comments

It depends on what the question is about: whether it is about behaving as a "MITM proxy", which would look into the request, or a normal HTTPS proxy (which doesn't, and keeps end-to-end security). Both exist.
Well I always understood a "normal" proxy to be one that would / could do things like caching and filtering. In order to do that, the proxy has to be a man-in-the-middle because it has to look at the requests and responses to implement that functionality.
I'd call "normal" the behaviour of an HTTP(S) proxy as used by all major browsers when you configure them to do so. If you configure a "normal" HTTP proxy server in Firefox or IE (for example), it will make a plain HTTP connection to the proxy for https:// URIs and use the CONNECT verb to connect to the hostname and port in the URI. Despite never being finalized as far as I know, this is the spec that has been used by user agents for years when making an https:// connection via an HTTP proxy: tools.ietf.org/html/draft-luotonen-web-proxy-tunneling-01
1

I'm assuming that you want a normal HTTPS proxy here, that is a proxy that will not look into the request but merely relay all the traffic to the actual HTTPS server after the user-agent has used the HTTP CONNECT method. This is how HTTP proxy servers are normally used for HTTPS requests by browsers.

I haven't tried, but you could look at Jetty and its ConnectHandler.
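
The CONNECT tunnelling described in this answer and in the comments above, as an added example that is not part of the original answer and is not Jetty's `ConnectHandler`. The class name `ConnectTunnelProxy`, the listening port 8888 and the port-443-only rule are assumptions made for the illustration; it needs Java 9 or later for `InputStream.transferTo`.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;

// Added illustration (hypothetical class name and port), not Jetty's ConnectHandler.
public class ConnectTunnelProxy {
    public static void main(String[] args) throws IOException {
        // Bind to loopback only so the relay is not reachable from the network.
        try (ServerSocket server = new ServerSocket(8888, 50, InetAddress.getLoopbackAddress())) {
            while (true) {
                Socket client = server.accept();
                new Thread(() -> handle(client)).start();
            }
        }
    }

    static void handle(Socket client) {
        try (Socket c = client) {
            InputStream in = c.getInputStream();
            OutputStream out = c.getOutputStream();
            String[] req = readLine(in).split(" ");   // "CONNECT host:port HTTP/1.1"
            while (!readLine(in).isEmpty()) { }         // skip headers up to the blank line
            // Tunnel only CONNECT to port 443; anything else would make this an open TCP relay.
            if (req.length != 3 || !req[0].equals("CONNECT") || !req[1].endsWith(":443")) {
                out.write("HTTP/1.1 403 Forbidden\r\n\r\n".getBytes(StandardCharsets.US_ASCII));
                return;
            }
            String host = req[1].substring(0, req[1].length() - 4);
            try (Socket upstream = new Socket(host, 443)) {
                out.write("HTTP/1.1 200 Connection Established\r\n\r\n".getBytes(StandardCharsets.US_ASCII));
                // From here on the bytes are the client's TLS session; the proxy only copies them.
                new Thread(() -> pump(in, upstream)).start();
                upstream.getInputStream().transferTo(out);
            }
        } catch (IOException e) {
            // Either side closed or the request was malformed; drop the connection.
        }
    }

    static void pump(InputStream from, Socket to) {
        try { from.transferTo(to.getOutputStream()); to.shutdownOutput(); } catch (IOException ignored) { }
    }

    static String readLine(InputStream in) throws IOException {
        StringBuilder sb = new StringBuilder();
        for (int b; (b = in.read()) != -1 && b != '\n'; ) {
            if (sb.length() >= 8192) throw new IOException("header line too long");
            if (b != '\r') sb.append((char) b);
        }
        return sb.toString();
    }
}
```

The request line is read one byte at a time so that no bytes of the TLS handshake following the blank line are swallowed by a buffered reader. The example does no destination allow-listing, authentication or timeouts.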
