Import PEM file from Proxy Server
-
- Posts: 2
- Joined: 2014/12/29 02:33:26
Import PEM file from Proxy Server
Good evening! My company uses a proxy server and that proxy server uses a SSL cert (company.pem) to intercept SSL traffic. Anyway, when I try to visit a SSL site or use wget on a SSL site (example: httpS://www.google.com), I get an error message that the cert for that site isn't trusted because it's trying to use my company's SSL cert (company.pem) instead of the site's SSL cert. I'm using Centos7 and I'm trying to import the PEM certificate our agency uses through command line. Can someone assist? Also, once imported, in what folder/file is the information stored? Thank you.
Re: Import PEM file from Proxy Server
You need to import the root (i.e.: CA) certificate that signed the companies certificate, into your browser (or whatever client you're connecting to http[s://www.google.com with. That should establish the trust.
Essentially what you're doing is exploiting the man in the middle weakness that SSL/TLS has (and what certificates where meant to solve).
Essentially what you're doing is exploiting the man in the middle weakness that SSL/TLS has (and what certificates where meant to solve).
-
- Posts: 2
- Joined: 2014/12/29 02:33:26
Re: Import PEM file from Proxy Server
I've been able to import it in my browser, but get error messages when trying to use wget and curl via command line. Is there a different process for that?
Re: Import PEM file from Proxy Server
Yes your browser and curl are not the same program! I think you may need to pass the ca-cert argument to curl.