How to capture HTTPS requests with espconn?

Question

The following code allows to capture all requests coming to my esp8266 (running NodeMCU) and show my own page:

static int enduser_setup_dns_start(void)
{
  state->espconn_dns_udp = (struct espconn *) c_malloc(sizeof(struct espconn));
  esp_udp *esp_udp_data = (esp_udp *) c_malloc(sizeof(esp_udp));

  c_memset(state->espconn_dns_udp, 0, sizeof(struct espconn));
  c_memset(esp_udp_data, 0, sizeof(esp_udp));
  state->espconn_dns_udp->proto.udp = esp_udp_data;
  state->espconn_dns_udp->type = ESPCONN_UDP;
  state->espconn_dns_udp->state = ESPCONN_NONE;
  esp_udp_data->local_port = 53;


  return 0;
}

It captures http://example.com, but doesn't capture https://example.com. How could I fix it?

Answer 1

Intercepting HTTPS requests isn't possible unless you have your certificate authority set up on every client computer (and even then not for any sites that use HSTS or HPKP - that's quite a few)

The whole point of SSL / HTTPS is that the clients know that they're talking to the website they think they're talking to. Without that website's certificate and private key, you cannot impersonate it without generating errors.

Wifi captive portals (etc) typically ignore HTTPS requests, and wait for the first insecure HTTP request. Most devices when connecting to a new wifi network will try to loading a HTTP page, and if they find a captive portal create a notification / show it to the user