tags:

views:

873

answers:

1
Q: 

Accessing HTTPS site through Proxy Server

I am adding code to use a proxy server to access the Internet. The code works fine when requesting a file from a normal (HTTP) location, but does not work when accessing a secure location (HTTPS).

This is the code that works just fine:

URL = "http://UnSecureSite.net/file.xml"
Dim wr As HttpWebRequest = CType(WebRequest.Create(URL), HttpWebRequest)
Dim proxy As System.Net.IWebProxy
proxy = WebRequest.GetSystemWebProxy
wr.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials
Dim ws As HttpWebResponse = CType(wr.GetResponse(), HttpWebResponse)

// (more work here)

As soon as I change the URL to go to HTTPS, I get a 407 returned to me.

Anyone have any ideas?

URL = "https://SecureSite.net/file.xml"
Dim wr As HttpWebRequest = CType(WebRequest.Create(URL), HttpWebRequest)
Dim proxy As System.Net.IWebProxy
proxy = WebRequest.GetSystemWebProxy
wr.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials
Dim myCache As New CredentialCache()
myCache.Add(New Uri("https://SecureSite.net"), "Basic", New NetworkCredential(UserName, Password))
wr.Credentials = myCache
Dim ws As HttpWebResponse = CType(wr.GetResponse(), HttpWebResponse)

// (more work here)
+2  A: 

A HTTPS request through a web-proxy is different from a standard HTTP request. A regular HTTP request will use the GET method. However, a HTTPS request needs to use a CONNECT method. Then, the proxy will merely establish a tunnel to the server. Subsequent messages will be sent directly between the client and the server through the proxy tunnel. The proxy has no way of interpreting the data flowing in between.

Under normal situations:

Client -+- [CONNECT] ---> Proxy --- [DIRECT TCP] -+-> Server
        |                   |                     |
        +-------------[ENCRYPTED TCP]-------------+

I am not familiar enough with the VB code to know if that is what is happening. However, I suspect that it is not. The easiest way to check is to intercept the message being sent to the proxy. Make sure that it begins with a "CONNECT ...".

sybreon  2009-04-16 07:38:03
+1 Brilliant answer. I often wondered how HTTPS worked via a web proxy (in work!)
Dead account  2009-04-16 07:40:28

related questions

What are the most important functional differences between C# and VB.NET?
Setting Group Type for new Active Directory Entry in VB.NET
ASP.Net Datagrid: in Footer calculate Avg or Sum for column
Opening a file in my application from File Explorer
HTML Email Editor in a Windows Forms Application
Datatables, Dataviews and distincts! (ASP.Net/VB)
Naming convention for VB.NET private fields
Visual Studio - new "default" property values for inherited controls
Change the width of a scrollbar
Is String.Format as efficient as StringBuilder
Default Form Button in FireFox
VB.NET - IsNothing versus Is Nothing
'Break' equivalent keyword for VB
What is the best way to wrap time around the work day?
Best SVN Client Ignore Pattern for VB.NET Solutions?
Long-time LAMP Developer moving to VB.NET
What's the best way to find long-running code in a Windows Forms Application
What is the best way to deploy a VB.NET application?
'Best' Diff Algorithm
Setting Objects to Null/Nothing after use in .NET
CSV File Imports in .Net
How do you migrate a large app from VB6 to VB .net ?
Floating Point Number parsing: Is there a Catch All algorithm?
Decoding T-SQL CAST in C#/VB.net
Reliable Timer in a Console Application