Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

中间人对HTTPS只能伪造吗,要怎么样才能获取到HTTPS的响应HTML? #4

Open
dabpop139 opened this issue Sep 14, 2018 · 0 comments

Comments

@dabpop139
Copy link

在代码Chapter4中只实现了返回伪造的响应内容,要如何才能获取到真实请求地址的响应HTML代码呢?
如果可以希望你指点一下,非常感谢。
还有一处疑问,为什么这在SNICallback回调中又要重新再生成一次证书呢?不能直接使用上文的fakeCertObj证书吗?

var fakeServer = new https.Server({
    key: fakeCertObj.key,
    cert: fakeCertObj.cert,
    SNICallback: (hostname, cback) => {
        let certObj = createFakeCertificateByDomain(caKey, caCert, hostname);
        cback(null, tls.createSecureContext({
            key: pki.privateKeyToPem(certObj.key),
            cert: pki.certificateToPem(certObj.cert)
        }));
    }
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant