Proxy and MITM Considerations
Corporate proxies and security appliances that perform SSL inspection re-sign traffic with their own CA, which creates certificate challenges for clients. Applications must trust the proxy's certificates while keeping certificate verification enabled, and must distinguish legitimate proxies from attacks.
Handle proxy environments:
# Environment variables for proxy configuration
export HTTP_PROXY=http://proxy.company.com:8080
export HTTPS_PROXY=http://proxy.company.com:8080
export NO_PROXY=localhost,127.0.0.1,internal.company.com

# Python with proxy
import requests

proxies = {
    'http': 'http://proxy.company.com:8080',
    'https': 'http://proxy.company.com:8080',
}
# Include proxy CA certificate (verification stays enabled)
response = requests.get('https://external-api.com',
                        proxies=proxies,
                        verify='/etc/ssl/certs/company-proxy-ca.crt')

// Java proxy configuration
System.setProperty("http.proxyHost", "proxy.company.com");
System.setProperty("http.proxyPort", "8080");
System.setProperty("https.proxyHost", "proxy.company.com");
System.setProperty("https.proxyPort", "8080");
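One way to tell the legitimate inspection proxy from an unexpected interceptor, as an added example that is not part of the original page. It assumes the caller supplies the already-verified certificate chain as DER bytes and holds the corporate proxy CA fingerprint from an out-of-band source; `classify`, `fingerprint`, the result strings and the sample byte strings are hypothetical names and constructed data.

```python
import hashlib
from urllib.request import proxy_bypass_environment

# Assumption: NO_PROXY value copied from the shell example on this page.
NO_PROXY = "localhost,127.0.0.1,internal.company.com"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()


def classify(host, verified_chain, proxy_ca_pins, no_proxy=NO_PROXY):
    """Classify a TLS connection to `host`.

    verified_chain: DER certificates, leaf first, from a handshake that
    passed verification against system roots plus the proxy CA; empty or
    None when verification failed.
    proxy_ca_pins: proxy CA fingerprints obtained out of band.
    """
    if not verified_chain:
        # Never retry with verification disabled: an unknown issuer is
        # what an unauthorized interceptor looks like to the client.
        return "reject: verification failed"
    issuers = {fingerprint(c) for c in verified_chain[1:]}
    inspected = bool(issuers & set(proxy_ca_pins))
    # Hosts matched by NO_PROXY are reached directly, so the proxy CA
    # should not appear in their chain (policy assumption of this example).
    direct_expected = bool(proxy_bypass_environment(host, {"no": no_proxy}))
    if inspected and direct_expected:
        return "alert: proxy CA on a NO_PROXY host"
    if inspected:
        return "ok: inspected by corporate proxy"
    if direct_expected:
        return "ok: direct"
    return "warn: expected inspection, none seen"


# Constructed sample data: byte strings standing in for DER certificates.
PROXY_CA = b"constructed-proxy-ca-der"
PUBLIC_CA = b"constructed-public-ca-der"
LEAF = b"constructed-leaf-der"
PINS = {fingerprint(PROXY_CA)}

if __name__ == "__main__":
    for host, chain in [("external-api.com", [LEAF, PROXY_CA]),
                        ("api.internal.company.com", [LEAF, PROXY_CA]),
                        ("external-api.com", [])]:
        print(host, "->", classify(host, chain, PINS))
```
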