I have seen an example of using socat to accept SSL TCP traffic and forward the traffic to a non-SSL host:
socat TCP-LISTEN:443,reuseaddr,fork "^OPENSSL-SERVER,cert=server.pem | TCP:somehost:80"
Is it possible to do the opposite? I.e. I have a remote host that is SSL-enabled and requires a client certificate, but my client is only able to connect via non-SSL connections.
I understand the security implications of this approach.
If the file does not exist, socat creates it. The option reuseaddr allows an immediate restart of the server process.
Netcat and Socat allow you to pass simple messages between computers interactively over the network. The below setup will allow both client and server to send data to the other party.
Socat is a multi-purpose relay tool, which means it is a more comprehensive tool than netcat. Netcat's design allows it to be a simple TCP and UDP client or server, while socat is more of a feature-rich proxy and multi-directional data transfer tool that supports multiple options and methods of invocation.
The answer for me was:
$ socat TCP-LISTEN:51000,fork,reuseaddr OPENSSL:remotehost:51000,cafile=certificate.pem,verify=0
The certificate didn't match the hostname, so I had to switch off verification (verify=0).
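Added example, not part of the original answer: the same relay with the client certificate the question asks for and with verification left on, using socat's commonname option to handle a certificate name that differs from the host name. The function name relay_cmd and all host, port and file names are constructed placeholders, and a socat build whose OPENSSL address supports commonname is assumed.

```shell
#!/bin/sh
# Added example. Host, port and file names are constructed placeholders.

# Print a socat command that relays a local plaintext port to a TLS server,
# presenting a client certificate and keeping peer verification on.
# usage: relay_cmd LPORT RHOST RPORT CAFILE CERT KEY CERTNAME
relay_cmd() {
    if [ "$#" -ne 7 ]; then
        echo "usage: relay_cmd LPORT RHOST RPORT CAFILE CERT KEY CERTNAME" >&2
        return 2
    fi
    # socat splits an address on ':' and ','. A value containing either could
    # smuggle in extra options (for example verify=0), so accept only a
    # conservative character set.
    for v in "$@"; do
        case $v in
            ''|*[!A-Za-z0-9._/-]*)
                echo "rejected value: $v" >&2
                return 2 ;;
        esac
    done
    case $1$3 in
        *[!0-9]*) echo "ports must be numeric" >&2; return 2 ;;
    esac
    # bind=127.0.0.1: the listener is unauthenticated plaintext, so only
    #   local processes may reach it.
    # cert=/key=: the client certificate the remote server requires.
    # verify=1 with commonname=: check the chain against CAFILE and match the
    #   name in the certificate even when it differs from RHOST.
    printf 'socat TCP-LISTEN:%s,bind=127.0.0.1,fork,reuseaddr ' "$1"
    printf 'OPENSSL:%s:%s,cafile=%s,cert=%s,key=%s,verify=1,commonname=%s\n' \
        "$2" "$3" "$4" "$5" "$6" "$7"
}

# Constructed sample values; prints the command instead of running it.
relay_cmd 51000 remotehost 51000 ca.pem client.pem client.key server.example
```

With verify=0 the relay accepts any certificate the peer presents, so every plaintext client behind it inherits that lack of server authentication.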