Proxies and SSL?

[CTho9305]

How does SSL work with proxies? Does the client encrypt data using a key that the proxy knows (e.g. client encrypts, proxy decrypts, proxy encrypts, server decrypts), or does the proxy blindly pass data it can't decrypt?

 

[WarmAndSCSI]

I believe the client still uses the HTTPS server's key, so it's more of a transparent SSL thing. I'm assuming this because if you look at the certificate properties (the lock icon in IE) on a client using an HTTPS proxy, it shows the same key info as any other HTTPS client does.

 

[Nothinman]

the proxy blindly pass data it can't decrypt?

Otherwise the security would be pointless as anyone could use a transparent proxy between you and the server to see what you're doing.

 

[CTho9305]

Thought so. Thanks.