Proxying HTTPS requests#

Camilla Proxy can proxy HTTPS requests in a transparent way.

How HTTPS requests are proxied#

Camilla Proxy generates a custom CA-root certificate and installs this on your server during its installation. This ensures your application is talking to trusted-servers only.

No more --insecure#

Sometimes you need to configure your application to disable the verification of SSL certificates when using a proxy. While not a setting that you see on production very often, disabling certificate verification means that you can’t trust the server you are talking to.

CA-root certificate files#

For Debian/Ubuntu you can find the custom CA-root certificates in the folder: /usr/local/share/camilla/certificates/

There are two files in this folder:

  1. camilla-proxy-cert.pem: The public key that client servers should install
  2. camilla-proxy-key.crt: The private key, you don’t need to touch this.