Closed hongyi-zhao closed 4 days ago
Not yet. How do I get a secure TLS certificate for localhost/127.0.0.1 ?
As I understand it, this may require obtaining the system CA private key to issue the certificate, which is a privilege requirement.
Suppose I've done the following settings:
# 安装 mkcert,在 Ubuntu 上:
sudo apt install mkcert
# 安装 mkcert 的根证书
mkcert -install
# 为 localhost 和 IP 地址创建证书
mkcert localhost 127.0.0.1 ::1
Then what should I do now?
Do you want to enable HTTPS service when providing a TLS certificate? it's possible, but not supported yet.
My main confusion right now is: Since Bridge currently does not support TLS certificates, is it secure to access HTTPS services through Bridge's proxy?
It is secure for accessing HTTPS services, but not for the proxy auth and the destination address
If it is localhost, it is absolutely secure
You can try adding --debug
to the bridge, which will output traffic at the terminal.
It is secure for accessing HTTPS services, but not for the proxy auth and the destination address If it is localhost, it is absolutely secure
So, if the destination address is not localhost, say www.google.com
in this case, do security concerns still exist?
If the HTTP proxy is local, it is secure.
Thank you for your clarification. Therefore, in my case, there is no need to bother with HTTPS proxy protocol when calling bridge.
Is it possible to work with https protocol in this case?
Regards, Zhao