Dealing transparent SSL (MAN-IN-THE-MIDDLE) mode with chrome


When activating Proxy in transparent mode and enable the SSL, you will see that some websites could not be correctly displayed.
Especially when using Chrome Browser

18-08-2014 14-27-21Enable the SSL transparent method.

By default, if there is no rule in “Network rules” section, both HTTP and SSL are enabled by default in transparent mode.
But if there is a  rule in this section, then you have to define yourself the transparent method. ans default settings will be not applied.

  • Click on the “Network rules” tab
  • On the table click on  new Network
  • On destination port, type 443 for the SSL port.
  • Enable the Transparent checkbox.
  • Enable the use the SSL Encryption.
  • Do the same for the HTTP ( port 80 )

18-08-2014 17-11-16

  • This rule will force all external connections to 443 port to be forwarded to the SSL proxy.

18-08-2014 17-19-17

  • Click on Apply button in order to make rules in production mode.
  • Now, on your computer, define the default gateway as Artica proxy and run your Chrome browser.
  • You will see that Chrome is not agree to using MAN-IN-THE middle for google Webistes.

18-08-2014 17-21-41

  • Return to the rules on Artica.
  • Create a new rule
  • Under destination, just set “google
  • Set 443 under destination port
  • Uncheck the Transparent checkbox.
  • Check the Use the SSL encryption checkbox.

18-08-2014 17-26-40

  • This rule will force Artica to bypass the SSL proxy for some google websites that enforce the certificate verification.

18-08-2014 17-54-59

  • Click on Apply to build your rules.
  • You will see Chrome happy ! and others websites still hooked by the SSL proxy in transparent mode.

 

Available macros are google, teamviewer, office365, skype, dropbox

 

 

 

 

Leave a comment