sslsplit icon indicating copy to clipboard operation
sslsplit copied to clipboard
verified publisher icon droe

selective TLS interception

Open or-adar opened this issue 2 years ago • 1 comments

Hi! I'm looking at using sslsplit to analyze TLS traffic, however there are a few things I'm not sure whether they are supported:

  1. Does sslsplit support selective TLS? so tls traffic won't be intercepted for a list of domains that I can pass to it. if so, what should I pass or specify to skip tls inspection for the given domains?

  2. Can I offload the decrypted plain text to a different service and make additinal processings before they are being egressed? like analyzing the plain text and dropping the request and so on..

  3. If selective TLS inspection is supported, can I configure the list of domains (that I wish to skip inspection for) dynamically? if so, can it be done without stopping sslsplit? or there is no other way other than creating a new sslsplit process with the new configuration?

or-adar avatar Aug 31 '23 11:08 or-adar

See SSLproxy for answers to those questions. But SSLproxy does not support reloading proxyspecs and filtering rules (you should fully stop and restart sslproxy for that).

sonertari avatar Aug 31 '23 17:08 sonertari