I am trying to set up a proxy server using mitmproxy that can handle HTTP endpoints and transparently forward requests to another proxy (Proxy B).
Here's what I need:
- No requirement for clients to install certificates or validate self-signed certificates.
- Allow "curl -x http://my-proxy:port https://www.example.com" to work, where the HTTPS handshake happens directly with the destination server (e.g., Example.com).
- I don't need to decrypt or read the traffic. However, I want a log of the requests, such as the HTTP response code (e.g., 200) and possibly the size of the request.
What I Tried:
Regular Mode:
I managed to get it working partially. However, HTTPS requests fail due to certificate issues (since the mode isn't transparent and requires certificate installation).
Transparent Mode:
I attempted to set up a transparent proxy, but the configuration causes an infinite loop.I tested this on both version 11 and version 10 of mitmproxy but encountered the same issue. I also opened an issue regarding this problem but haven't found a resolution yet.https://github.com/mitmproxy/mitmproxy/issues/7369
Question
How can I configure mitmproxy to handle HTTPS requests transparently (with no certificate validation required on the client) and log the response details, such as status codes and request sizes? Are there specific configurations or alternative approaches to achieve this?
On some sites, I read about keeping the proxy in "regular" mode, removing the Host header, replacing it with the proxy's host, and then restoring the original Host header upon receiving the response. However, I couldn't make it work. Could you explain this approach in more detail?