EldoS | Feel safer!

Software components for data protection, secure storage and transfer

HTTPSClient + Server and proxy

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#24638
Posted: 04/22/2013 05:27:30
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

I have a client and server application, both based on SBB components.

The client connects to the server over ssl, and both client and server check certificates: the client checks the servers ssl certificate and the server checks the clients authentication certificate. This works ok.

Now I want the client to connect through a proxy but I can't get this to work.

When I test my server with a webbrowser (Internet Explorer) using the same proxy it works (client authentication and all).

When I test my client with the server it seems that both client and server are waiting on each other untill the client gives a timeout.

The server is waiting for data in TElHTTPSServer.DataAvailable and the client is looping in TElHTTPSClient.PerformExchange. Neither client or server is executing the code that checks the certificate.

On the proxy I can verify that the client is making the call to the server.

Any idea what can cause this problem and how I can further investigate it?
#24639
Posted: 04/22/2013 05:36:09
by Vsevolod Ievgiienko (EldoS Corp.)

Hello.

Could you clarify what king of authentication does the proxy use (None, Basic, Digest, NTLM)? How do you enable authentication if it is used?
#24640
Posted: 04/22/2013 05:57:37
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

I am now testing with Privoxy (www.privoxy.org) and it uses no authentication.
#24641
Posted: 04/22/2013 06:05:15
by Vsevolod Ievgiienko (EldoS Corp.)

Then you should simply set TElHTTPSClient.UseWebTunneling to 'true' and adjust TElHTTPSClient.WebTunnelAddress and TElHTTPSClient.WebTunnelPort properties. Alternatively you can use TElHTTPSClient.UseHTTPProxy with TElHTTPSClient.HTTPProxy* properties. Both should work.

Did you set these properties?
#24642
Posted: 04/22/2013 06:13:00
by Eugene Mayevski (EldoS Corp.)

If you use HTTPS connection, you must use SOCKS or HTTP CONNECT (we call it WebTunneling) proxy. Regular HTTP Proxy won't work.


Sincerely yours
Eugene Mayevski
#24643
Posted: 04/22/2013 06:15:43
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

Using TElHTTPSClient.WebTunnel* works, but TElHTTPSClient.HTTPProxy* gives the problems mentioned above.
#24644
Posted: 04/22/2013 06:36:09
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

Quote
Eugene Mayevski wrote:
If you use HTTPS connection, you must use SOCKS or HTTP CONNECT (we call it WebTunneling) proxy. Regular HTTP Proxy won't work.


ok. I'll modify my code to use WebTunneling instead of the proxy!

Are there any otrher significant differences between WebTunneling and Proxy that I should be aware of?
#24645
Posted: 04/22/2013 06:38:53
by Eugene Mayevski (EldoS Corp.)

What version of SecureBlackbox are you using?

We updated the client to have it detect HTTPS connection and if the HTTP proxy is set for HTTPS Connection, the settings of HTTP proxy should be used for web tunneling. To put it simply, you should not have your problem in the first place.


Sincerely yours
Eugene Mayevski
#24646
Posted: 04/22/2013 06:46:18
by Birger Jansen (Standard support level)
Joined: 07/19/2012
Posts: 73

I'm using version 10.0.232. Should the automatic detection work for this version or should I upgrade?
#24647
Posted: 04/22/2013 07:44:48
by Eugene Mayevski (EldoS Corp.)

Should work, but didn't. Will be fixed in the next update.


Sincerely yours
Eugene Mayevski
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 1895 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!