How can set HTTP (SSL) proxy in programs ?
I want to use Nordvpn https proxy in programs. When I use NordVPN HTTP proxy in Ferdi in this format -
Proxy Host/IP : http://name.nordvpn.com
Port : 80
Username: Something
Password: Something
It works but when I use HTTPS proxy from NordVPN in this format.
Proxy Host/IP : https://name.nordvpn.com
Port : 80
Username: Something
Password: Something
It show error: ERR_PROXY_CONNECTION_FAILED
I got my servers from https://nordvpn.com/servers/tools/
and choosed below options
Advanced Option>P2P and HTTP Proxy for HTTP and HTTP SSL for HTTPS
Any Idea how can I use HTTPS proxy in ferdi and any mistake in above HTTPS format.
The port number used by the NordVPN HTTP SSL proxy is 89.
It's not published anywhere on their website, and I don't know why. Someone on Reddit figured it out by looking through the code of their browser plugin. I had the a similar problem and this port works for me.
Related
I am running a Groovy script to capture traffic over proxy port in OWASP ZAP.
For https site, I am setting the proxy as given below and I can see the traffic in ZAP when I run my script.
System.setProperty('https.proxyPort', '8083')
System.setProperty('https.proxyHost', '127.0.0.1')
For http site, I am setting the proxy as given below but I can not see the traffic.
System.setProperty('http.proxyPort', '8083')
System.setProperty('http.proxyHost', '127.0.0.1')
The same settings although work fine when configured on Chrome. I have tried using the IP address instead of 127.0.0.1 but that also did not help. What could be going on wrong here ?
I have build a Go server using Echo framework, i get TLS certificades and a domain name, but when i try a request i get the message "Client sent an HTTP request to an HTTPS server." and when i try acces the server from the IP address of the EC2 using the port 443, it says that the connection is not secure:
And when i change the server to the port 80 to acces through the domain name, i get the following error:
I'm starting the server using the StartTLS func
e.Logger.Fatal(e.StartTLS(":80", "/etc/letsencrypt/live/anltcsprod.enrtt.com/fullchain.pem", "/etc/letsencrypt/live/anltcsprod.enrtt.com/privkey.pem"))
Is it something wrong with my domain or certificade?
Port 80, by default, communicates over HTTP. 443 is reserved for HTTPS traffic. Assuming nothing else is wrong, you should be able to simply change your e.StartTLS() to this:
e.Logger.Fatal(e.StartTLS(":443", "/etc/letsencrypt/live/anltcsprod.enrtt.com/fullchain.pem", "/etc/letsencrypt/live/anltcsprod.enrtt.com/privkey.pem"))
For example localhost:4000
Instead use https://localhost:4000
I am trying to do load testing with JMeter for a spring boot application running locally on port 8080.
Request configured is a GET request, and protocol is https. I get following error message:
javax.net.ssl.SSLException: Unsupported or unrecognized SSL message
at java.base/sun.security.ssl.SSLSocketInputRecord.handleUnknownRecord(SSLSocketInputRecord.java:439)
at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:184)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
Any input on it would help?
Your are most probably using https to hit the server while you should use http as port 8080 is usually for http.
Otherwise change port to 8443 for https
Did you cross-check the port number on JMeter?
make sure that the same port is defined in JMeter as well.
https://localhost/application/sub/url
For the above URL, the port number is 443 which is the default port for https
https://localhost:8080/application/sub/url
Whereas the above URL uses 8080 for communication.
Please make sure the correct port has been specified.
Additionally, also note that that JMeter itself doesn't allow unsigned certificates. Make sure the certificates are properly signed via Certificating Authority.
i have a windows 10 computer and a program, that sends to a server (xxx.com aka x.x.x.x) a request. server responses with, for example, "false". that program reads that response and based on that gives output. I need to locally (not on the server, only for me) change that value for, for example, "true". I tried Charles, but it doesn't work for my soft (in browser same requests that go through Charles give "true"). What is the problem here?
Charles "doesn't work" for your program because the HTTP request sent from your program is not intercepted. Charles can autoconfigure the proxy setting for browsers, that's why in your browser "same requests that go through Charles give true".
In order to make Charles intercept your program's HTTP request, a reverse proxy need to be configured:
Step 1. Launch Charles, and go to Proxy - Reverse Proxies...
Step 2. Check Enable Reverse Proxies and click Add.
Step 3. Configure a reverse proxy:
Local port: 59110 // any unused local port
Remote host: xxx.com // the target server
Remote port: 80 // the port opened in target server
Step 4. In your program, send all HTTP requests to localhost:59110.
In this way, Charles can intercept all HTTP requests sent from your program, and you can change the HTTP response data.
If the target server provides HTTPS service instead of HTTP, some additional work need to be done:
SSL-Step 1. In Charles, go to Proxy - SSL Proxying Settings - SSL Proxying
SSL-Step 2. Check Enable SSL Proxying and click Add:
SSL-Step 3. Configure an SSL proxy:
Host: xxx.com // the target server
Port: 443 // the SSL port opened in target server
SSL-Step 4 (1). go to Help - SSL Proxying - Install Charles Root Certificate. This will allow your program trust the self-generated certificate from Charles.
or
SSL-Step (2). If you don't want to install Charles' root CA, you can change your program to prevent certificate error. For example, in Node.js, the following code can prevent program from rejecting unauthorized certificate:
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
I would like to use the net/imap library in ruby behind a authenticated proxy, I was starting to dig in and I'm wondering if there is a way to do this already or if I need to make my own version of the net/imap library that supports a proxy?
It is possible to tunnel any socket connection through a HTTPS proxy server.
To do this:
open a socket to your proxy server
send "CONNECT hostname : portnumber HTTP/1.0\n\r\n\r\n"
read from the socket until you see the end of the HTTP headers (2 blank lines)
your socket is now connected
Here is a ruby example of such a tunnel.
Reasons this will fail:
most network admins will only allow CONNECT to port 443
proxy server has proxy authentication
The easiest way to hack libraries that don't support proxy information is to replace Net::HTTP with an instance of Net::HTTP::Proxy:
# somewhere before you load net/imap
proxy = Net::HTTP::Proxy(address, host)
Net.class_eval do
remove_const :HTTP
HTTP = proxy
end