Compatibility with juniper ssl vpn ?

[David Woodhouse]

On Tue, 2010-12-28 at 11:06 +0100, Guillaume Rousse wrote:
> 
> I'd gladly try to set up an SSL proxy, but I'd need additional
> informations for this. I quickly checked openssl man page, it doesn't
> seem to be possible with it. However, googling point me to
> http://crypto.stanford.edu/ssl-mitm/. Is that the way to go ?

Something like that, perhaps. Or just use 'openssl s_server' and point
your client at it, then manually cut and paste its requests into
'openssl s_client' pointed at the real server.

Or stick a breakpoint on the SSL_write() and SSL_read() functions (or
override them, but that's easier if it's dynamically linked to OpenSSL).

Your packet capture is good enough to confirm that it's really
connecting over HTTPS, but you knew that already. We really need to see
what's *inside* the HTTP connection.

-- 
dwmw2