I'm presently while using apaches mod_proxy/mod_proxy_http/mod_headers like a forward proxy to include (overwrite) cookie request headers to some request such as this:
<Proxy *> Order deny,allow Allow from all RequestHeader set Cookie "mycookie=1234" </Proxy>
(Obviously i do not have allow all and * but to simplify and reproduce case fine)
Now I wish to perform the same to have an ssl connection. I loaded mod_proxy_connect making ssl work fine, however the header injection does not work.
This will make sense because SSL is end2end and shouldnt be modified in route.
However I wish to get it done. I believe the server will have to be considered a guy in the centre. It might need its very own SSL certificate which is invalid for that domain, but this is often added being an exception. Can this in some way be achieved having a reverse proxy?
Another factor that we could be awesome with to (that we would rather) is always to map the ssl link with a usual http connection.
Any suggestions welcome!
It's possible, but that's a breach of SSL security, which means you will not find feature with this in whitened-hat software.
SSLStrip can proxy HTTPS to HTTP and transform links and redirects quickly.