Hacker News new | ask | show | jobs
by 1vuio0pswjnm7 1632 days ago
In this instance it is to enable use of any TCP client, namely ones that do not support TLS, e.g., original netcat, tcpclient or an early version of a text-only browser. I use a variety of clients and with only one exception I only trust the proxy to make remote TLS connections. If one uses a client with acceptable TLS support, then there is no need for a TLS proxy.
1 comments
RobSm 1632 days ago
How one goes about using TLS proxy? Are there any services? You have any links? Thanks.
link
1vuio0pswjnm7 1632 days ago
"How one goes about using TLS proxy?"

Note I am referring to a local proxy, listening on the loopback device and under the control of the user, not one listening on a network interface connected to the internet and certainly not one operated by a third party as a "service".

https://www.stunnel.org

Good luck.

link
bandie91 1632 days ago
shameless plug: see autossl.so[1]. it is not a proxy per se, but an LD_PRELOAD-able lib which upgrades plain socket connections to TLS for applicaitions which does not support TLS themself (or using too old SSL versions).

[1] https://github.com/bAndie91/libyazzy-preload/blob/master/src...

link