Do SOCKS proxy servers exist that have SSL support?

Question

I came across an open source SOCKS client library that supports connecting to a SOCKS proxy using a trustmanager key to verify the remote server.

However, I have been unable to find SOCKS proxy servers that support this. Are these available at all commercial or not?

The library in question is sockslib (Java), which sports this specific client example.

A related question: with this specific library, it is possible to define both a keymanager key (in addition to the trustmanager key) as well as normal credentials. Does this make sense for SOCKS servers?

Answer 1

WinGate SOCKS server supports accepting a connection (TCP) and immediately performing a TLS handshake on it prior to SOCKS protocol.

It also supports authenticating to the SOCKS server using client certificates. Or you can just do plaintext (or even GSS-API) auth after that.

Note that this is NOT the method proposed in draft-aft-socks-ssl-00 in 1997 which proposed layering TLS over the top of SOCKS framing (IMO an unnecessarily complicated way of doing it, which only provides a single benefit - being able to negotiate SSL or not - with a lot of down-sides).