Reverse HTTPS proxy with dynamically-generated CN's

1 posts, 0 answers
  1. Peter
    Peter avatar
    5 posts
    Member since:
    Dec 2015

    Posted 07 Jan 2016 Link to this post

    I'd like to intercept HTTPS traffic from a client when specifying a proxy isn't an (easy) option. Ordinarily, I'd run Fiddler as a reverse proxy and set up a listener on port 443 and specify a CN using

    !listen 443

    However, my client will be talking to multiple HTTPS domain names, rather than a single one. In normal Fiddler proxy operation, handling multiple secure sites isn't an issue, as certificates are dynamically-generated at intercept-time with the proper CN.

    My question is:

    • Is there an equivalent way to enable Fiddler's dynamic-generation of certs in reverse proxy mode?

    It seems like there shouldn't be any technical reason why this couldn't be done, as it'd be a matter of telling the listener to grab the domain name the client is requesting and paste it into the cert that it returns when it initiates the handshake... the same as what Fiddler does in normal operation.

Back to Top