10 December 2009

Download and build proxytunnel in Fedora

Proxytunnel is a program that connects stdin and stdout to a server somewhere on the network, through a standard HTTPS proxy. Getting it built seems to be pretty straightforward stuff.

16 March 2009

Use openssl to see if TLS/SSL is working between Linux and Active Directory

So now I know this certificate is blessed by my client, I can try to use it to connect. But let’s say I try to use a self-signed certificate or another cert that’s not trusted… And using a self-signed certificate, you should see something like this… If it’s a trust issue, perhaps the certificate is valid, but it just can’t find the CA or intermediate certificate… But, if everything’s working correctly, your client should connect just fine. And it will look something like this, with a big fat Verify return code: 0 (ok) at the end.

16 March 2009

Simple https encryption benchmarking using openssl

I’m going to test on a remote machine that I have a shell on, so let’s see how many processors it has. I wonder how many connections it can handle with its current 1024-bit certificate. You could test by retrieving a file accessible from the encrypted web server if you wanted (to see how many requests for something specific the server can handle, for example). I’ll try this from a different machine.

6 March 2009

Redirect http to SSL encrypted https for specific domains in lighttpd

I read in a bunch of places that you can’t use HTTP["scheme"] to redirect http:80 traffic to https:443 without using 2-3 levels of nesting with socket and host. But that’s just not true. The only reason it doesn’t work at first is that http is a substring of https, so be more specific with http$ and it works with just one line in lighttpd.conf.

5 March 2009

Create SSL certs and enable https with Lighttpd

Now edit the lighttpd.conf configuration file to enable SSL. Use the public-facing interface’s IP address instead of mine, unless yours happens to be 192.168.1.2 too! And nmap or netstat will let you know it’s listening on port 443.
