https://github.com/ghusta/http-proxy-with-java

Testing HTTP(S) proxy with Java
https://github.com/ghusta/http-proxy-with-java

http java proxy

Last synced: 3 months ago
JSON representation

Testing HTTP(S) proxy with Java

• Host: GitHub
• URL: https://github.com/ghusta/http-proxy-with-java
• Owner: ghusta
• Created: 2018-06-04T14:31:43.000Z (almost 7 years ago)
• Default Branch: master
• Last Pushed: 2018-06-06T13:47:03.000Z (almost 7 years ago)
• Last Synced: 2025-01-06T22:36:00.567Z (5 months ago)
• Topics: http, java, proxy
• Language: Java
• Size: 25.4 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.adoc

Awesome Lists containing this project

README

        
= Overview

:author: Guillaume Husta

:toc: auto

:toclevels: 3

:icons: font

Testing HTTP(S) proxy with Java.

== References

* https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html[Java Networking and Proxies]

** *2) System Properties* :

*** HTTP : `http.proxyHost`, `http.proxyPort`, `http.nonProxyHosts`

*** HTTPS : `https.proxyHost`, `https.proxyPort`

*** etc.

** *3) Proxy class* : `DIRECT`, `HTTP`, `SOCKS`

** *4) ProxySelector* : used in conjunction with system property `java.net.useSystemProxies`

Example :

_So, in order to create an HTTP proxy object you would call:_

[source,java]

----

SocketAddress addr = new InetSocketAddress("webcache.example.com", 8080);

Proxy proxy = new Proxy(Proxy.Type.HTTP, addr);

----

== Tools

=== mitmproxy

*mitmproxy* is a free and open source interactive HTTPS proxy.

See : https://mitmproxy.org/[https://mitmproxy.org/]

==== Modes of Operation

The client side is used in our case. We can use `regular` or `upstream` modes.

See : https://docs.mitmproxy.org/stable/concepts-modes/

For example, the upstream mode :

image::doc/media/proxy-modes-upstream.png[Upstream Proxy]

== FAQ

=== Potential errors

==== PKIX path building failed / unable to find valid certification path to requested target

Trace :

``

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

``

Reason :

A certificate is necessary for accessing HTTPS urls with the JVM.

Solution :

See :

* https://docs.mitmproxy.org/stable/concepts-certificates/

* https://docs.oracle.com/cd/E19906-01/820-4916/6ngbm6hri/index.html[Installing a Root Certificate (HTTPS Only)]

* https://docs.microsoft.com/fr-fr/java/azure/java-sdk-add-certificate-ca-store[Adding a root certificate to the Java CA certificates store]

How to :

Check the https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html[keytool] syntax :

```

keytool -importcert -help

```

NOTE: `-import` is an alias for `-importcert`.

Import the certificate for Java :

```

keytool -importcert -trustcacerts -alias mitmproxyca -file ./mitmproxy-ca-cert.cer -keystore ./mitmproxycacert.jks -noprompt

```

WARNING: If having this problem : _ERROR "keytool : java.util.IllegalFormatConversionException: d != java.lang.String"_

Try adding `-J-Duser.language=en` to the command.

Check it's OK :

```

keytool -list -keystore ./mitmproxycacert.jks [-rfc]

```

Then to make it work with Java, we can use the following system properties :

* `javax.net.ssl.trustStore` : location of the trust store

* `javax.net.ssl.trustStorePassword` : password for the trust store

==== Test with proxy returns HTTP 502 instead of 200

Maybe _mitmproxy_ is badly configured.

HTTP code 502 means `Bad Gateway or Proxy Error`.

Here is an example of what is logged on the _mitmproxy_ side :

```

GET https://github.com/

    ← Server connection to ('github.com', 443) failed: Error connecting to "github.com": [Errno -3] Try again

```

_Generated with Asciidoctor {asciidoctor-version}_