Use this as a proxy to old SSL/TLS server?
parkerlreed opened this issue · 2 comments
parkerlreed commented
I have a Wyse thin client running a web management console on https 443
Nothing in the modern age will talk to it as it's using a very old SSL/TLS self-signed cert from 2011.
I tried using ssl-proxy to connect but still run into issues with the old ciphers not being accepted. Is there any way to do this?
(130)(deck@steamdeck Documents)$ ./ssl-proxy-linux-amd64 -from 127.0.0.1:4430 -to https://192.168.100.37:443
2023/06/16 19:27:37 No existing cert or key specified, generating some self-signed certs for use (cert.pem, key.pem)
2023/06/16 19:27:37 SHA256 Fingerprint: DE 64 E7 91 F8 AE 49 4C C9 5A 11 3E 78 5E 17 BD A4 F1 8F 30 CB 6E 8B AD 87 86 9A 87 F5 CC 14 8A
2023/06/16 19:27:37 Proxying calls from https://127.0.0.1:4430 (SSL/TLS) to https://192.168.100.37:443
2023/06/16 19:27:48 http: TLS handshake error from 127.0.0.1:44164: remote error: tls: unknown certificate
2023/06/16 19:27:50 http: TLS handshake error from 127.0.0.1:58938: remote error: tls: unknown certificate
2023/06/16 19:27:50 http: proxy error: tls: server selected unsupported protocol version 300
suyashkumar commented
Can you run the web management console without those self signed certs on a non-public localhost port and use ssl-proxy on the same machine to add SSL for incoming requests?
parkerlreed commented
The web console is contained to the unit on the local network.
It supports SSLv3 and TLS 1.0
I don't have a way of running it on the same machine. ssl-proxy is running on my laptop on the same network.