|
Posted by Rich Fife on February 14, 2008, 6:01 pm
If you were Registered and logged in, you could reply and use other advanced thread options > Rich Fife wrote:
> > On Feb 14, 11:55 am, Bruce Stephens <bruce
> > +use...@cenderis.demon.co.uk> wrote:
>
> >> [...]
>
> >>> Do you send an unencrypted HTTP header and then pop over to SSL
> >>> immediately afterwards? When do you do the SSL handshaking? Before
> >>> or after you send the header?
> >> Start straight off with SSL/TLS. (I believe there's a proposal for an
> >> HTTP startTLS, but I don't think it's caught on.)
>
> > So I do an SSL handshake directly with the proxy and then it
> > handshakes with the server? If I don't, how does the proxy know what
> > server I want (it's only in the (encrypted) HTTP header)?
>
> First you create a connection to the proxy which may or may not be secured
> with SSL. Then you send a CONNECT request to the proxy, telling him the host
> you want to talk to. He then sets up the connection and proxies all traffic,
> and if it's secured with SSL then he doesn't know the content.
Ah. I get it. I was going straight for GET and PUT without using
CONNECT. That's the magic word I was looking for.
Thanks!
-- Rich --
| 
XML site map