[HTTPS-Everywhere] Intercepting proxy - Does SSL Observatory work?
Maciej Soltysiak
maciej at soltysiak.com
Tue May 23 03:01:55 PDT 2017
Hi,
My company is implementing blue coat intercepting proxy to scan for malware.
The proxy intercepts TLS connections, on-the-fly generates a cert and does
MITM.
The clients are supposed to have certs installed to be fooled by the proxy.
Now, in Firefox, I installed the certs of the decryptor, installed HTTPS
Everywhere, enabled SSL Observatory, asked it to check certs even if not on
Tor and have:
* Submit and check self-signed cerst
* Submit and check certificates signed by non-standard root CAs.
I would've expected SSL Observatory to warn me that my connection is
tampered with, yet it doesn't.
Any advice, please? Are the SSL Observatory checks using the firefox proxy
settings?
Best regards,
Maciej
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere/attachments/20170523/7f6567b3/attachment.html>
More information about the HTTPS-Everywhere
mailing list