End-to-end encryption from the example does not work

Open tawmoto opened this issue 3 years ago • 0 comments

Hi, I want to set up proxy.py with end-to-end encryption.

I cloned the repo and I did this:

~/Desktop/proxy.py/proxy.py$ make https-certificates
# Generate server key
python -m proxy.common.pki gen_private_key \
	--private-key-path https-key.pem
/usr/lib/python3.8/runpy.py:127: RuntimeWarning: 'proxy.common.pki' found in sys.modules after import of package 'proxy.common', but prior to execution of 'proxy.common.pki'; this may result in unpredictable behaviour
  warn(RuntimeWarning(msg))
python -m proxy.common.pki remove_passphrase \
	--private-key-path https-key.pem
/usr/lib/python3.8/runpy.py:127: RuntimeWarning: 'proxy.common.pki' found in sys.modules after import of package 'proxy.common', but prior to execution of 'proxy.common.pki'; this may result in unpredictable behaviour
  warn(RuntimeWarning(msg))
# Generate server certificate
python -m proxy.common.pki gen_public_key \
	--private-key-path https-key.pem \
	--public-key-path https-cert.pem
/usr/lib/python3.8/runpy.py:127: RuntimeWarning: 'proxy.common.pki' found in sys.modules after import of package 'proxy.common', but prior to execution of 'proxy.common.pki'; this may result in unpredictable behaviour
  warn(RuntimeWarning(msg))

Then this:

proxy --cert-file https-cert.pem --key-file https-key.pem
2022-09-08 15:21:39,774 - pid:460786 [I] plugins.load:85 - Loaded plugin proxy.http.proxy.HttpProxyPlugin
2022-09-08 15:21:39,775 - pid:460786 [I] tcp.listen:80 - Listening on 127.0.0.1:8899
2022-09-08 15:21:39,787 - pid:460786 [I] pool.setup:105 - Started 8 acceptors in threadless (local) mode
2022-09-08 15:21:54,370 - pid:460795 [I] server.access_log:384 - 127.0.0.1:60602 - CONNECT httpbin.org:443 - 5556 bytes - 11056.67ms
2022-09-08 15:22:57,433 - pid:460789 [I] server.access_log:384 - 127.0.0.1:60604 - CONNECT httpbin.org:443 - 5556 bytes - 11493.73ms

And when I try to connect to it via curl, nothing happens:

curl -V -x https://localhost:8899 --proxy-cacert https-cert.pem https://httpbin.org/get

And when I try with other software, I get this:

2022-09-08 15:24:01,473 - pid:460795 [E] fd.work:48 - Exception occurred during initialization
Traceback (most recent call last):
  File "/home/t/.local/lib/python3.8/site-packages/proxy/core/work/fd/fd.py", line 45, in work
    self.works[fileno].initialize()
  File "/home/t/.local/lib/python3.8/site-packages/proxy/http/handler.py", line 63, in initialize
    super().initialize()
  File "/home/t/.local/lib/python3.8/site-packages/proxy/core/base/tcp_server.py", line 129, in initialize
    conn = self._optionally_wrap_socket(self.work.connection)
  File "/home/t/.local/lib/python3.8/site-packages/proxy/core/base/tcp_server.py", line 240, in _optionally_wrap_socket
    conn = wrap_socket(conn, self.flags.keyfile, self.flags.certfile)
  File "/home/t/.local/lib/python3.8/site-packages/proxy/common/utils.py", line 232, in wrap_socket
    return ctx.wrap_socket(
  File "/usr/lib/python3.8/ssl.py", line 500, in wrap_socket
    return self.sslsocket_class._create(
  File "/usr/lib/python3.8/ssl.py", line 1040, in _create
    self.do_handshake()
  File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1131)

Version information

  • OS: Ubuntu 20.04
  • proxy.py Version 2.4.3

Thank you

tawmoto, Sep 08 '22 12:09
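
The `TLSV1_ALERT_UNKNOWN_CA` in the traceback above is raised inside the server's `do_handshake()`, which is how Python's `ssl` module reports an `unknown_ca` alert received from the connecting client. The following is an added example, not part of the original issue or of proxy.py: it reproduces that server-side error on loopback with a throwaway self-signed certificate, then repeats the handshake with the client trusting that certificate. The helper names `make_self_signed` and `handshake` are hypothetical, and the `openssl` CLI is assumed to be on PATH.

```python
import os
import socket
import ssl
import subprocess
import threading


def make_self_signed(directory):
    """Create a throwaway self-signed key/cert pair (assumes openssl on PATH)."""
    key, cert = (os.path.join(directory, n) for n in ("key.pem", "cert.pem"))
    subprocess.run(
        ["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-days", "1",
         "-subj", "/CN=localhost", "-keyout", key, "-out", cert],
        check=True, capture_output=True)
    return key, cert


def handshake(key, cert, client_cafile):
    """One loopback TLS handshake; returns (server_outcome, client_outcome)."""
    server_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    server_ctx.load_cert_chain(cert, key)
    client_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED by default
    client_ctx.check_hostname = False  # isolate the trust-anchor check
    if client_cafile:
        client_ctx.load_verify_locations(cafile=client_cafile)
    listener = socket.create_server(("127.0.0.1", 0))
    outcome = {}

    def serve():
        conn, _ = listener.accept()
        try:
            with server_ctx.wrap_socket(conn, server_side=True) as tls:
                tls.sendall(b"ok")  # keeps the client open until we are done
            outcome["server"] = "ok"
        except OSError as exc:  # ssl.SSLError is an OSError subclass
            outcome["server"] = getattr(exc, "reason", None) or repr(exc)

    thread = threading.Thread(target=serve, daemon=True)
    thread.start()
    try:
        with socket.create_connection(listener.getsockname()) as raw, \
                client_ctx.wrap_socket(raw) as tls:
            tls.recv(2)
        outcome["client"] = "ok"
    except ssl.SSLCertVerificationError as exc:
        outcome["client"] = exc.verify_message  # the client's own reason
    thread.join(5)
    listener.close()
    return outcome.get("server"), outcome["client"]
```

With `client_cafile=None` the server outcome is `TLSV1_ALERT_UNKNOWN_CA` and the client outcome is its own verification message; passing the certificate path as `client_cafile` makes both sides return `ok`.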