test

Sun Java System Web Proxy Server 4.0.3 2006Q2 Administration Guide

ProcedureTo configure SSL tunneling

Steps

  1. Access the Server Manager for a server instance and click the Routing tab.

  2. Click the Enable/Disable Proxying link.

  3. Select the connect://.*.443 resource from the drop-down list.

    The connect:// method is an internal proxy notation and does not exist outside of the proxy. See the following description in Technical Details for SSL Tunneling for more information about connect. To allow connections to other ports, you can use similar URL patterns in a template. For more information about templates, see Chapter 16, Managing Templates and Resources.

  4. Select Enable Proxying Of This Resource and click OK.

    Caution – Caution –

    If the proxy is misconfigured, it is possible to abuse the SSL proxy to achieve telnet hopping. Someone can use the proxy to make it appear that a telnet connection is coming from the proxy host, rather than the actual connecting host. This is why you must allow no more ports than absolutely necessary, and use access control on your proxy (restricting the client hosts).