我的自定义代理服务器上的SSL(HTTPS)错误 [英] SSL (https) error on my custom proxy server
问题描述
这是我的模式码!当我从Firefox发送HTTP请求,它做工精细!但是当我尝试HTTPS的Firefox这个回复:
here's i mode code! when i send http request from firefox it work fine! but when i try https firefox reply with this:
要mail.yahoo.com在连接过程中发生错误。
SSL收到了创纪录与未知的内容类型。
(错误代码:ssl_error_rx_unknown_record_type)
An error occurred during a connection to mail.yahoo.com. SSL received a record with an unknown content type. (Error code: ssl_error_rx_unknown_record_type)
我调试它成功地连接到HTTPS和recive字节代码,但是当它传递它插座它将拒绝:
I debug the code it successfully connect to https and recive the bytes but when it pass it to socket it will reject:
Tehre是在8080的监听器,我的代码是:
Tehre's a listener on 8080, and my code is:
ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;
CookieContainer cookie = new CookieContainer();
if (strClientConnection.Contains("443")) {
strClientConnection = "https://" + strClientConnection.Replace(":443","");
};
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(strClientConnection);
request.CookieContainer = cookie;
request.KeepAlive = true;
request.Timeout = 120000;
request.AllowAutoRedirect = true;
request.ReadWriteTimeout = 120000;
request.Method = "POST";
{
using (HttpWebResponse myWebResponse = (HttpWebResponse)request.GetResponse())
{
bool isSuccess = (int)myWebResponse.StatusCode < 299 && (int)myWebResponse.StatusCode >= 200;
if (isSuccess)
{
using (Stream reader = myWebResponse.GetResponseStream())
{
int BytesRead = 0;
Byte[] Buffer = new Byte[32];
int BytesSent = 0;
BytesRead = reader.Read(Buffer, 0, 32);
while (BytesRead != 0)
{
m_sockClient.Send(Buffer, BytesRead, 0);
BytesSent += BytesRead;
BytesRead = reader.Read(Buffer, 0, 32);
}
}
}
}
}
推荐答案
这是HTTP代理通常不会使HTTPS请求本身(除非它是专门设计,使一个官方中间人攻击)。
An HTTP proxy normally does not make the HTTPS request itself (unless it's specifically designed to make an "official" Man-In-The-Middle attack).
HTTP客户端(包括浏览器)使用HTTP 连接
方法来告诉代理服务器有效,在转发整个HTTPS请求( SSL / TLS)隧道到目标HTTPS服务器。
HTTP clients (including browsers) use the HTTP CONNECT
method to tell the proxy server to forward the entire HTTPS request (effectively, the SSL/TLS) tunnel to the target HTTPS server.
当你在你代理一个连接
请求(比方说连接host.example.org:443
),你应该做一个直接的TCP连接 host.example.org:443
和继电器及其内容(双向)浏览器,没有改变。
When you get a CONNECT
request on your proxy (say CONNECT host.example.org:443
), you should make a direct TCP connection to host.example.org:443
and relay its content (both ways) to the browser, without alteration.
这篇关于我的自定义代理服务器上的SSL(HTTPS)错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!