Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Proxy with HTTPS
« previous
next »
Print
Pages: [
1
]
Author
Topic: Proxy with HTTPS (Read 4599 times)
croberti
Newbie
Posts: 5
Karma: 0
Proxy with HTTPS
«
on:
March 10, 2017, 04:13:52 pm »
Hi, I'm new to OPNsense and I'm trying to use it and its proxy to allow web access to users only to some site and the most important use HTTPS protocol.
Unfornatly it does not work, every time I receive the message that the connection is no secure (does not accept exception) or not event propose exception saying the site is using HSTS (HTTP Strict Transport Security).
I attached my configurarion, hope someone can help me.
Bye, Claudio.
Logged
guest15389
Guest
Re: Proxy with HTTPS
«
Reply #1 on:
March 10, 2017, 04:36:39 pm »
Did you step through the guide? Have you installed the certificates on the clients?
https://docs.opnsense.org/manual/how-tos/proxytransparent.html
Logged
croberti
Newbie
Posts: 5
Karma: 0
Re: Proxy with HTTPS
«
Reply #2 on:
March 10, 2017, 04:53:10 pm »
Yes, I followed the guide and tried installing the certificate in OS (Win 10, right click then install) and in browser but nothing worked.
With an HTTPS site it propose me to acquire the certificate but then it say
>The following error was encountered while trying to retrieve the URL:
https://x.xx.xxx.xx/
*
>
> Access Denied.
>
>Access control configuration prevents your request from being allowed at this time. Please contact your service >provider if you feel this is incorrect.
like it was not in whitelist, but the same site is accessed well in HTTP.
Thanks, Claudio.
Logged
guest15389
Guest
Re: Proxy with HTTPS
«
Reply #3 on:
March 10, 2017, 05:12:11 pm »
I think you need to validate you have the certificate installed as it looks like you are getting an error based on that. Sadly, I have a Mac so I can't confirm exactly how to install.
From poking around, it looks like you need to hit Internet Options-> Content -> Certificates
Screenshot from my VM looks like:
Logged
croberti
Newbie
Posts: 5
Karma: 0
Re: Proxy with HTTPS
«
Reply #4 on:
March 10, 2017, 05:20:58 pm »
I tried to import this way but nothing changed, hope someone have some ideas.
Thanks anyway.
Claudio.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Proxy with HTTPS
«
Reply #5 on:
March 10, 2017, 08:06:47 pm »
Windows has a management console (MMC) called certificate manager. Ensure that your certificate is under something called trusted root CAs.
However from the screenshot it looks like you use domain only so you don't need to import a certificate. The screenshot says not connected which may make it more likely that you are not able to
a) resolve names or
b) have an IP address problem
Logged
croberti
Newbie
Posts: 5
Karma: 0
Re: Proxy with HTTPS
«
Reply #6 on:
March 13, 2017, 09:56:42 am »
It turned out that the problem was not with https but with white and black lists in ACL.
I want to allow only some site in the form of http://*.domain.com/* and https://*.domain.com/*, can someone help me with white and black lists in ACL. I found that ^. in black list block all site, but then also white listed sites are blocked.
Bye, Claudio.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Proxy with HTTPS