-
-
Notifications
You must be signed in to change notification settings - Fork 617
Using public certificate for intercepting proxy #1425
-
Hi,
I am currently running the proxy with the following command:
python3 -m proxy --port 8888 --plugins custom.MyPlugin --ca-cert-file intermediate.cert.pem --ca-key-file intermediate.key.nopass.pem --ca-signing-key ca.key.nopass.pem
and it works great. However, I am using a private CA here and this would require that client applications to update their certificate chain for validation. I am looking to simplify the adoption process here.
So my questions is: Is there support built in already to use a public certificate (not a CA certificate) with *.domain so that the same certificate can be used for all connections and not issue a custom certificate for each url? If yes, is there an example that I can use as reference?
Beta Was this translation helpful? Give feedback.
All reactions
Replies: 1 comment
-
The idea here is that if the original endpoint is example.com and if the proxy endpoint is xyz.com, then client will use endpoint example.xyz.com and the proxy will use *.xyz.com as the certificate and will forward requests to example.com after removing xyz from the url. this way, clients are not required to update their certificate chain or open up firewall for other ports.
Beta Was this translation helpful? Give feedback.