titanium-web-proxy

How to get Host name and Block them without using self signed certificates

Open dynamicritz opened this issue 5 years ago • 4 comments

I want to know how I can set decryptSsl to false and still, in the OnBeforeRequest event handler, simply drop the request or maybe corrupt it. I don't need to read the data. It feels as if OnBeforeRequest is not even triggered when I set decryptSsl to false. Can you guide me in this regard? Thanks.

dynamicritz avatar Jun 11 '20 18:06 dynamicritz

We cannot do that. SSL encryption is done at TCP level for the whole HTTP request, including URL, headers and body. So, when decryptSsl is false, we cannot even parse the request or response, and it would not fire the request/response handlers. An eavesdropper would only be able to see the source and destination IP addresses and ports of the request, nothing more.

justcoding121 avatar Jun 12 '20 17:06 justcoding121

Isn't the destination IP equivalent to the host name which I am asking for? If so, do we have any provision to filter or process the request/response out? (By process I mean to corrupt, not read.) Feel free to correct me if I am wrong; not an issue there.

dynamicritz avatar Jun 12 '20 20:06 dynamicritz

A host can have multiple IP addresses. You may be able to find the host using a reverse lookup. You may be able to see the hostname even when SSL decryption is disabled when using a transparent end point, by parsing the SSL tunnel request from the browser; use TunnelConnectRequest.

justcoding121 avatar Jun 12 '20 20:06 justcoding121

You can also deny the SSL connection when using an explicit end point, using the DenyConnect property during TunnelConnect. Something like below. Remember this is only possible when using ExplicitEndPoint, which I assume you are indeed using. In a transparent end point there won't be a connect request; however, you can abandon the request there. See #804

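    using System;
    using System.Threading.Tasks;
    using Titanium.Web.Proxy.EventArguments;

    private async Task ProxyServer_BeforeTunnelConnectRequest(object sender, TunnelConnectSessionEventArgs e)
    {
        // Host name from the CONNECT request, readable without decrypting SSL.
        string hostname = e.HttpClient.Request.RequestUri.Host;

        // Match the domain or a subdomain; a bare EndsWith("webex.com")
        // would also match unrelated hosts such as "notwebex.com".
        if (hostname.Equals("webex.com", StringComparison.OrdinalIgnoreCase)
            || hostname.EndsWith(".webex.com", StringComparison.OrdinalIgnoreCase))
        {
            e.DenyConnect = true; // refuse the tunnel
        }
    }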

justcoding121 avatar Jun 12 '20 21:06 justcoding121