Search…
README
How to read this book
The cURL project
Network and protocols
Install curl
Source code
Build curl
Command line basics
Using curl
Verbose
Version
Persistent connections
Downloads
Uploads
Transfer controls
Connections
Timeouts
.netrc
Proxies
Discover your proxy
PAC
Captive portals
Proxy type
HTTP proxy
SOCKS proxy
MITM proxy
Authentication
HTTPS proxy
Proxy environment variables
Proxy headers
Exit status
SCP and SFTP
Reading email
Sending email
MQTT
TFTP
TELNET
DICT
TLS
Copy as curl
HTTP with curl
FTP with curl
Using libcurl
HTTP with libcurl
Bindings
libcurl internals
Index
Powered By GitBook
MITM proxy
MITM means Man-In-The-Middle. MITM proxies are usually deployed by companies in "enterprise environments" and elsewhere, where the owners of the network have a desire to investigate even TLS encrypted traffic.
To do this, they require users to install a custom "trust root" (Certificate Authority (CA) certificate) in the client, and then the proxy terminates all TLS traffic from the client, impersonates the remote server and acts like a proxy. The proxy then sends back a generated certificate signed by the custom CA. Such proxy setups usually transparently capture all traffic from clients to TCP port 443 on a remote machine. Running curl in such a network would also get its HTTPS traffic captured.
This practice, of course, allows the middle man to decrypt and snoop on all TLS traffic.
Previous
SOCKS proxy
Next
Authentication
Last modified 7mo ago
Export as PDF
Copy link
Edit on GitHub