distinguishing http and https connections
A. Schulze
sca at andreasschulze.de
Fri Aug 23 10:12:58 UTC 2019
dy1977--- via Unbound-users:
> 1) Is it possible to distinguish, at the level of the "operate" function
> in the python script, if the connection is http or https ?
no, there is no indication about the purpose a client ask for a DNS-Record
and indent to use the answer.
> 2) Is there any hope to find a way to display an error page instead of
> the great warning when an https connection has been redirected to either
> 127.0.0.1 or 192.168.1.184 ? I tend to think it is not possible, and I
> would prefer not to spend hours around a chimer. I have tried to use the
> unbound generated certificate and an autosigned apache certificate. Is
> it useful to try with a certificate given by Let'sencrypt ? I don't know
> enough about ssl, but I guess the browser cannot be happy to see a
> certificate (even if it is valid) which has nothing to do with the site
> it is trying to connect with.
that's why DNS interception will create trouble. A Browser like to connect
to https://example.org, send the simple question mentioned above, got
a faked answer from DNS
and still expect to connect to https://example.org
An now think what certificates was build for: to proof, the client is
connected to the /right/ server...
( ok, not a perfect world ... )
unbound can't help here, it's the wrong layer ...
Andreas
More information about the Unbound-users
mailing list