Click here to Skip to main content
15,748,330 members
Please Sign up or sign in to vote.
3.00/5 (2 votes)
See more:
I wanted to create a proxy server just like fiddler. the main point is, this proxy will be deployed as HTTPS(SSL encripted) only.

I am successfully able to create a proxy(in c#) which is intercepting all my web traffic from the browser(including https sites). But i am facing difficulty when trying to implement SSL implementation for proxy itself.

So the questions are:

Is it really possible to create a proxy server which will be deployed as HTTP itself and with above requirement?
Will my browser automatically handle everything like handshaking with proxy server(after giving proxy settings in internet options) or i need to do some modification at browser end also?
Any help will be appreciable

Updated 15-Oct-15 23:46pm
Nathan Minier 16-Oct-15 13:18pm    
Providing that you have a full SSL cert (including the private key), that shouldn't be terribly hard. Depending on the HTTP Server implementation that you're using, you will need to bind the cert to the port you're using and your application using netsh.

Have a look at:

If you want to automate it, you can make the cert installation and configuration part of an installer.
Member 10077458 17-Oct-15 1:50am    
I have already implemented the certification and ssl implementation in the proxy. When i am communication with tcp client from the code, it is working. but when i am using it with browser, it is giving me "handshake failed due to an unexpected packet format".

The logical reason that comes to my mind is, when browser is requesting for HTTP site, server first tries to handshake with the browser, which browser is not expecting.
Nathan Minier 19-Oct-15 7:20am    
No, I don't think that's it. Generally when I've not not implemented a redirect to HTTPS I get a "Cannot display this page" error.
Which client are you using in code, the System.Net.Http.HttpClient?

Member 10077458 19-Oct-15 8:00am    
Currently i am using TCP client
Nathan Minier 19-Oct-15 8:30am    
Okay, so you're going for a layer 4 connection using:

Okay, that explains a lot. My assumption was that you had used an application-level framework, not the transport. Unfortunately, your service is going to be operating under the same assumptions. Unless you built your own parsing module for the TCP Connection, you're going to need to have software on both sides of the connection to handle passing layer 5 traffic.

My advice, if you intend to use this proxy only for HTTP packets, is to implement a web server on the proxy rather than a TCP Listener and let that handle the packet parsing. It will lose flexibility (no telnet/SSH proxy for instance) but will be much less bulky to implement.

Your other option is to implement a packet type detect on the TCP listener, and then implement modules for the various relay types that will properly format the packets. Because you're unwrapping and re-wrapping with SSL, you cannot just relay the packets over; they have to be parsed by the proxy. That's no mean feat, and you will find yourself in the weeds quickly.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900