Please note that RebexTinyTlsProxy does not behave like SOCKS or HTTP proxy. It simply forwards connections on specific port(s) to predefined host(s).
Also please note that RebexTinyTlsProxy does not analyze HTTP traffic, so it cannot forward connections to variable hosts based on the HTTP Host header.
Situation in which RebexTinyTlsProxy can help:
- You have a single site (or finite number of known sites) you want to handle.
- You can route connections of your site (e.g.
mysite.com) to IP address where RebexTinyTlsProxy is listening (e.g. using hosts file on Windows).
Run the proxy with command like this:
RebexTinyTlsProxy.exe -toTLS TLS12-TLS13 80:mysite.com:443 -forever
And update your c:\Windows\System32\drivers\etc\hosts file like this:
192.168.1.2 mysite.com
Then you can access http://mysite.com on your machine, which will be routed through the proxy (and secured with TLS 1.2 or 1.3) to real https://mysite.com.
Limitations:
- Proxy must be run on different machine, because of mapping
80:mysite.com:443
- To run the proxy on the same machine as browser, different mapping would be used, e.g.
80:1.2.3.4:443 and proxy would need to be updated to specify correct hostname for 1.2.3.4 IP address.
- Since you will access target site on port 443, the links in the site will be prefixed with
https:// scheme, but you would need to access the site using http:// scheme.
- To solve this issue, the proxy would need to be updated to support "TLS to TLS translation" (TLS adapter).
Note: Both limitations are solved in the full TLS Proxy product.