Openssl through HTTP Proxy (cUrl?)

  • Permalink
  • submit to reddit
  • Email
  • Follow


Greetings all,

I need to get an SSL certificate from a server outside of my corporate
network. Inside the network, we use "openssl s_client -connect
host:port" to get that and then use other openssl commands to get some
information of interest. However, when accessing external sites, we
must pass through an NTLM authenticated proxy and therefore direct
connections simply give a connection refused. I Googled for some time
and found no resolution to using openssl over a proxy.

So I thought of using cUrl in some way, which can connect through the
proxy if provided with proper options and authentication. So this
allows me to connect to external sites and enabling "verbose" mode
will allow me to output some of the certificate info (issuer, exp
date, etc), but not all the info I can grab with openssl.

So the question is, is anyone aware of a way to either connect with
openssl over a NTLM authenticated proxy or retrieve all the SSL cert
info using cUrl or some other function (maybe a combination of opening
a connection with cUrl and having openssl commands run over this
connection)?
0
Reply Daniel 9/7/2010 8:16:45 PM

See related articles to this posting


Hello,

on 09/07/2010 05:16 PM Daniel said the following:
> Greetings all,
> 
> I need to get an SSL certificate from a server outside of my corporate
> network. Inside the network, we use "openssl s_client -connect
> host:port" to get that and then use other openssl commands to get some
> information of interest. However, when accessing external sites, we
> must pass through an NTLM authenticated proxy and therefore direct
> connections simply give a connection refused. I Googled for some time
> and found no resolution to using openssl over a proxy.
> 
> So I thought of using cUrl in some way, which can connect through the
> proxy if provided with proper options and authentication. So this
> allows me to connect to external sites and enabling "verbose" mode
> will allow me to output some of the certificate info (issuer, exp
> date, etc), but not all the info I can grab with openssl.
> 
> So the question is, is anyone aware of a way to either connect with
> openssl over a NTLM authenticated proxy or retrieve all the SSL cert
> info using cUrl or some other function (maybe a combination of opening
> a connection with cUrl and having openssl commands run over this
> connection)?

You may want to try this HTTP client class. It supports SSL and several
authentication mechanisms including NTLM.

http://www.phpclasses.org/httpclient

You also need this package to provide NTLM client support.

http://www.phpclasses.org/sasl

-- 

Regards,
Manuel Lemos

JS Classes - Free ready to use OOP components written in JavaScript
http://www.jsclasses.org/

--- news://freenews.netfront.net/ - complaints: news@netfront.net ---
0
Reply mlemos (662) 9/8/2010 4:58:46 AM
comp.lang.php 32496 articles. 6 followers. Post

1 Replies
497 Views

Similar Articles

[PageSpeed] 29


  • Permalink
  • submit to reddit
  • Email
  • Follow


Reply:

Similar Artilces:

Net::HTTP::Proxy using one or more proxies
Hi to net/http/proxy developers, is possible to use multiple proxies in Net::HTTP::Proxy? Tips pls. Thanks and kind regards -botp Hi, In mail "Net::HTTP::Proxy using one or more proxies" "Pe=F1a, Botp" <botp@delmonte-phil.com> wrote: > is possible to use multiple proxies in Net::HTTP::Proxy? > Tips pls. In a word, No. You must use multiple Net::HTTP objects explicitly. Regards, Minero Aoki ...

HTTP Proxy via HTTP Layer by Perl?
I am not sure how proxy works. The basic is it got a request then forward it. I need a perl program for doing that. There are windows, binary based proxys. However, I have to have broadband to use it, then it will cost $50 a month for only fast down, but slow up. If I have a Perl/PHP proxy, and use web server port 80, then I only need to pay $10 web hosting fee for super fast connections up and down. I searched cpan but there is none like that. I went to hotscripts. The only proxy is web based. But I need http layer so that I just enter the ip and port in browser then I am ready to go. Anyo...

Any http proxy to accelerate http GET method?
Hi, Are there any special kind of HTTP proxy that can accelerate web browsing? The proxy server can get web pages, pictures, or movies faster by creating threads to get a resource simultaneously. Has someone heard of or used such kind of proxy server? I need this software because I find I always get about 20KB/s of speed when I watch videos on youtube even if I'm using a 2Mbps ADSL connection. I know it's faster to get the flv file to local disk using any multi-threaded downloading software. I'm just wondering if it's possible to view web contents faster without leaving the br...

kerberos/http+spnego through http proxy server?
Hello, I was testing Http with Kerberos and checking the feasibility of supporting this through a HTTP Proxy server. From internet draft http://www.ietf.org/internet-drafts/draft-brezak-kerberos-http-00.txt, it is clear that Microsoft implemented SPNEGO over HTTP, and nicely tied that to do full ticket-transmission based Kerberos authentication. One of the missing/confusing pieces is the support from IE for Proxy servers. Typically, http proxy server is deployed on edge, but used for any intranet/internet traffic. My questions: a. Above draft mentions "This mechanism is not used for HT...

kerberos/http+spnego through http proxy server? #3
Hello, I was testing Http with Kerberos and checking the feasibility of supporting this through a HTTP Proxy server. From internet draft http://www.ietf.org/internet-drafts/draft-brezak-kerberos-http-00.txt, it is clear that Microsoft implemented SPNEGO over HTTP, and nicely tied that to do full ticket-transmission based Kerberos authentication. One of the missing/confusing pieces is the support from IE for Proxy servers. Typically, http proxy server is deployed on edge, but used for any intranet/internet traffic. My questions: a. Above draft mentions "This mechanism is not used for HT...

IllegalArgumentException with Socket API and Proxy with Proxy.Type.HTTP
I am trying to create a socket with the proxy type of HTTP. Every time the= socket is created an IllegalArgumentException is thrown. I have learned f= rom googling that the HTTP proxy is unsupported in sockets. What is the wo= rk around? Does anyone know? Any help would be much appreciated as there = doesn't seem to be an answer readily available that I can find. Greg On 7/26/2012 10:00 AM, Greg wrote: > I am trying to create a socket with the proxy type of HTTP. Every > time the socket is created an IllegalArgumentException is thrown. I > have learned from goo...

kerberos/http+spnego through http proxy server? #2
Hello, I was testing Http with Kerberos and checking the feasibility of supporting this through a HTTP Proxy server. From internet draft http://www.ietf.org/internet-drafts/draft-brezak-kerberos-http-00.txt, it is clear that Microsoft implemented SPNEGO over HTTP, and nicely tied that to do full ticket-transmission based Kerberos authentication. One of the missing/confusing pieces is the support from IE for Proxy servers. Typically, http proxy server is deployed on edge, but used for any intranet/internet traffic. My questions: a. Above draft mentions "This mechanism is not used for HT...

HTTP Proxy?
Can Eudora be set up to use an HTTP proxy? In particular the TOR IP Anonymizer System: http://tor.eff.org/ Has anyone done it? Thanks Geezer ...

easy to use http proxy for windows that supports basic proxy authentication?
Will the suffering ever end?! I am searching for an easy to use http proxy for windows that supports basic proxy authentication. I've been trying quite a few, including winproxy, winroute, tinyproxy, et al, and nothing has fully worked yet... or some of them have worked TOO well (i.e. apparently assumed that I didn't need to authenticate because I was connecting from localhost, when basic proxy authentication is the thing I need to test!) All I'm trying to do is debug an app I'm writing that is using basic proxy authentication by checking that it is supplying some creden...

easy to use http proxy for windows that supports basic proxy authentication?
Will the suffering ever end?! I am searching for an easy to use http proxy for windows that supports basic proxy authentication. I've been trying quite a few, including winproxy, winroute, tinyproxy, et al, and nothing has fully worked yet... or some of them have worked TOO well (i.e. apparently assumed that I didn't need to authenticate because I was connecting from localhost, when basic proxy authentication is the thing I need to test!) All I'm trying to do is debug an app I'm writing that is using basic proxy authentication by checking that it is supplying some creden...

Super fast Web Proxy, Support SSL, Java Scripts and More :: http://proxy.download-daily.com
http://proxy.download-daily.com ...

pop3 and http proxy
Hi, I need to write a small tool to read mail from a mailbox using pop3. the problem i have is that i use proxy to connect to the internet, and the Net::Pop3 does not support proxy. outlook can get to the mailbox with no problem. can someone give me direction how do i use proxy for pop3 in perl? Regards, Daniel Daniel wrote: > I need to write a small tool to read mail from a mailbox using pop3. > the problem i have is that i use proxy to connect to the internet, and > the Net::Pop3 does not support proxy. outlook can get to the mailbox > with no problem. > can someone give...

HTTP Debugging Proxy
Xavier Defrang has written an HTTP Debugging Proxy. This message is basically for him - since he says on his website that he inhabits this newsgroup. I downloaded this and ran it , with the following result : >>> Traceback (most recent call last): File "D:\Python Projects\cgiproxy\http_debugging_proxy.py", line 34, in ? signal.signal(signal.SIGALRM, SIGALRM_handler) AttributeError: 'module' object has no attribute 'SIGALRM' Is this my fault or yours ? :-) I am in a restricted internet environment and have to use an external CGI proxy to get unrestricte...

http proxy in lisp
hi, is there any lisp code ( as short as possible ) for a http proxy. I'm using cmucl on linux. (defun launch-proxy ( local-port other-server ) "all local requests on port 'local-port' are redirected to 'other-server:80' and the response sent back to client" ... ) thx. On Thu, May 06, 2004 at 06:53:23PM +0200, Christophe Turle wrote: > is there any lisp code ( as short as possible ) for a http proxy. I'm using > cmucl on linux. Portable Allegroserve can act as an HTTP proxy server, if I'm not mistaken. -- ; Matthew Danish <mdanish@a...

http-proxy in Ruby?
I'm thinking of implementing a http-proxy in Ruby that processes the retrieved HTML before passing it on. Ideally, I'd like to rely on a small existing framework or example code that does most of the work for me. Does anything like that exist? Michael -- Michael Schuerig Most people would rather die than think. mailto:michael@schuerig.de In fact, they do. http://www.schuerig.de/michael/ --Bertrand Russell Michael Schuerig wrote: > I'm thinking of implementing a http-proxy in Ruby that processes the > retrieve...

POE HTTP Proxy
Hello, I am working on creating a proxy server based off the example given on the poe.perl.org website for a HTTP Proxy. I have tried to change it to use streaming, however, I am finding that often the responses are incomplete and the wheels in POE::Component::Client::HTTP report read errors. This problem seems to be particularily bad when multiple requests are being made at the same time. However, when I do not use streaming, everything works fine. Interestingly, even without streaming there are still some read errors, but they do not seem to affect the content returned in the response obje...

Understanding http proxies
I am trying to understand how to build an http proxy server in python, and I have found the following example: http://www.oki-osk.jp/esc/python/proxy/ But I do not have found an exact description of what exactly a proxy server is suppose to do (all references gice only the basic principe of proxy that I know). In the following model Client <-> Proxy <-> Server it seems when I read the code above that the proxy acts mostly as an orinary server with respect to the client except that it is supposed to receive the full URL instead of just the path. Am I right? Is there...

HTTP Proxy problem
I'm having trouble getting Proxy to work properly within our corporate firewall. I've validated the proxy settings. Mozilla is able to reach the Internet just fine using the specified proxy, but my demo Ruby app is not. Also, I noticed that I was not able to reach a site within the firewall unless I specified the IP address rather than the URL. I've done some sniffing through the stack using the debugger, and the correct URL seems to be passed down through it. Any suggestions as to what configuration settings I should check or what to watch for in the stack would be welcome. Her...

ruby http proxy
This isn't really a ruby specific question, but it is written partly in ruby. After putting together an http reverse proxy using Zed's C based parsers and eventmachine, I'm asking myself if I'm not doing more work than I need. I'm parsing the request from the client and the response from the server, including chunked encodings. But do I really need to parse the server response? Seems to me I could just keep the connection to the server open until the server closes the connection or the client does. What reasons would there be to have the overhead in a proxy of parsing ...

does ruby have an http proxy
Hi guys! Is there an http proxy module that could be used ? For example , I would like to point my browser through it and filter some web content using my proxy. I know the same thing could be done using greasemonkey and the like , but I would like to know if it can be done with ruby . Thanks -- Posted via http://www.ruby-forum.com/. Lex Williams wrote: > Hi guys! > > Is there an http proxy module that could be used ? For example , I would > like to point my browser through it and filter some web content using my > proxy. I know the same thing could be done using greasemon...

HTTP Proxy on J2ME
Hi, I'm just wondering if it is possible to set an HTTP proxy on aconnection to an HTTP Server from a J2ME Device (PPC 2003). I'm working with a J9 KVM (MIDP 2.0/CLDC 1.0) and the direct connection works fine (on the device and on the Sun WTK Emulator). I've tried to set the proxy in the JVM options : -D=http.proxyHost=XXXX -D=http.proxyPort=XXXX but it does'nt work and I've read in some other post than it didn't change anything if I set it in the code. I didn't find anything about it in J9 options... So is it possible ? If it's possible, how can I do make it t...

http proxy question
I am tryin to grab a file from a site, however, this site limits me to one file per 15 minutes. What im tryin to do is use http profies in my script to just grab the file then change proxies so i can do it again back to back so that site site does not block me. This possible any example code out there? Thank you in advance On Fri, 28 Dec 2007 13:25:07 -0800 (PST), scripteaze <scripteaze@gmail.com> declaimed the following in comp.lang.python: > I am tryin to grab a file from a site, however, this site limits me to > one file per 15 minutes. What im tryin to do is use http profie...

SSH Through a HTTP proxy.
I need help to SSH to my home Linux box through a HTTP proxy server. The server has an incoming port of 8080, for the internal network, protected by NAT. The server also allows outgoing ports of 80 and 443, standard, but no SSH. My network, at home, has a Linksys firewall to allow port forwarding from the SSH port to my computer. I can also change any settings on my box and the router. Any help here? I do have PuTTY here, but I can not install anything or change anything; PuTTY is on a floppy. Can anyone help me with this? Help would be appriciated. /dev/null wrote: > I need help to SSH t...

ssh over http proxy
if i connect to my ssh server at home using putty configured to use corporate http proxy, does this mean my traffic is all plaintext/http until it enters the ssh tunnel at the proxy server? > if i connect to my ssh server at home using putty configured to use > corporate http proxy, does this mean my traffic is all plaintext/http > until it enters the ssh tunnel at the proxy server? No. Think about it: that would mean there were an SSH client in the proxy server. -- Richard Silverman res@qoxp.net sukhpreet <sukhpreet76@yahoo.com> writes: >if i connect to my ssh se...