HTTP Middleman Proxy
Request flow chart
A broker service is a server for the client and a client for the server! The broker returns the message content requested to the server to the client
HTTPS requests
Because HTTPS is an encrypted request, the intermediate agent does not have the private key of the certificate of the corresponding server, so it cannot decrypt the request service of the client, so it cannot know the information of the corresponding server.
-
If the middleman agent wants to support HTTPS requests, the following steps are required:
- The proxy service requests a CA certificate
- The client communicates with the proxy service using the proxy service’s certificate to encrypt and decrypt
- The proxy service then communicates with the server using the corresponding server’s certificate
-
The problem
- General client will have the certificate detection function, he will detect whether the domain name in the certificate and the requested domain name is consistent, when we use the broker agent request, the client will find that the domain name of the certificate is the proxy service application domain name and the server domain name is not consistent, then it will issue a warning or prohibit operation!
HTTP Tunneling Proxy
Simply put, HTTP tunneling proxy is to build a bridge between the client and the server data transmission, in the whole transmission process of the proxy can not get the relevant data. This requires Connect support for HTTP/1.1
This method can solve the problem of HTTPS request perfectly
3proxy
The following figure shows the use of 3Proxy accesshttp://www.baidu.com/The process of
You can see that 3Proxy uses the man-in-the-middle model when accessing HTTP
The following figure shows the use of 3Proxy accesshttps://www.baidu.com/The process of
You can see that 3Proxy uses the tunneling proxy mode when accessing HTTP