Please note that RebexTinyTlsProxy
does not behave like SOCKS
or HTTP
proxy. It simply forwards connections on specific port(s) to predefined host(s).
Also please note that RebexTinyTlsProxy
does not analyze HTTP traffic, so it cannot forward connections to variable hosts based on the HTTP Host
header.
Situation in which RebexTinyTlsProxy
can help:
- You have a single site (or finite number of known sites) you want to handle.
- You can route connections of your site (e.g.
mysite.com
) to IP address where RebexTinyTlsProxy
is listening (e.g. using hosts file on Windows).
Run the proxy with command like this:
RebexTinyTlsProxy.exe -toTLS TLS12-TLS13 80:mysite.com:443 -forever
And update your c:\Windows\System32\drivers\etc\hosts
file like this:
192.168.1.2 mysite.com
Then you can access http://mysite.com
on your machine, which will be routed through the proxy (and secured with TLS 1.2 or 1.3) to real https://mysite.com
.
Limitations:
- Proxy must be run on different machine, because of mapping
80:mysite.com:443
- To run the proxy on the same machine as browser, different mapping would be used, e.g.
80:1.2.3.4:443
and proxy would need to be updated to specify correct hostname for 1.2.3.4
IP address.
- Since you will access target site on port 443, the links in the site will be prefixed with
https://
scheme, but you would need to access the site using http://
scheme.
- To solve this issue, the proxy would need to be updated to support "TLS to TLS translation" (TLS adapter).
Note: Both limitations are solved in the full TLS Proxy product.