search

droe / sslsplit

Transparent SSL/TLS interception
https://www.roe.ch/SSLsplit
BSD 2-Clause "Simplified" License
1.73k stars 327 forks source link

selective TLS interception #331

Open or-adar opened 10 months ago

or-adar commented 10 months ago

Hi! I'm looking at using sslsplit to analyze TLS traffic, however there are a few things I'm not sure whether they are supported:

  1. Does sslsplit support selective TLS? so tls traffic won't be intercepted for a list of domains that I can pass to it. if so, what should I pass or specify to skip tls inspection for the given domains?

  2. Can I offload the decrypted plain text to a different service and make additinal processings before they are being egressed? like analyzing the plain text and dropping the request and so on..

  3. If selective TLS inspection is supported, can I configure the list of domains (that I wish to skip inspection for) dynamically? if so, can it be done without stopping sslsplit? or there is no other way other than creating a new sslsplit process with the new configuration?

sonertari commented 10 months ago

See SSLproxy for answers to those questions. But SSLproxy does not support reloading proxyspecs and filtering rules (you should fully stop and restart sslproxy for that).