I downloaded the app Charles Proxy, I added the certificate and I can confirm that the Charles certificate is in my certlm (Certificate Manager) in the "Trusted Root Certification" folder, I had also enabled SSL Proxying to include this location: "*:443" which I believe means that I want to see all data coming in.
I'm not sure what the problem is, but whenever I open up Charles Proxy, it doesn't allow me to access any websites, all the data coming in Charles is coming in as status: "Blocked"
I'm using Windows 10 if that helps. I didn't have this issue on MacOS, Help is appreciated!
Here was the solution to my problem:
First quit Charles. Then go to the Internet Options in your Control Panel. Go to the Connections tab. Click on the LAN Settings. You’ll see a Proxy panel. Uncheck the Use a Proxy checkbox. Click OK until you’ve closed the Internet Options.
Then opened up Charles Log, go to Tools -> Allow List and make sure "Enable Allow List" is unchecked.
I suggest you check Windows proxy settings as your applications are most probably trying to communicate on a wrong IP/port proxy address matching.
Open cmd (Windows+R, cmd, Enter).
Execute:
rundll32.exe shell32.dll,Control_RunDLL inetcpl.cpl,,4
Click on LAN settings, then check Use a proxy server for your LAN.
Click Advanced button near Address and Port labels.
Define your addresses and ports here. I once had a task that required me to check all incoming and outgoing HTTP/HTTPS connections from my machine, so I set on HTTP field the address 127.0.0.1 with port 8888 and checked the option "Use the same proxy server for all protocols". If you want a finer control, you leave this option unchecked set different ports to handle FTP and Socks connections. Those ports are used by Charles. Check those settings in Charles Proxy as well!
Click Ok, then click Ok again.
On Charles, in Proxy-Proxy settings, make sure the port numbers are the same for the relative protocols as you set up before in the Windows proxy page.
I personally have never used Charles on a Windows machine but it sounds like your browser isn't configured to run through the proxy. Firefox use to have an add-on for Charles but now you have to manually enter the proxy ip to intercept the data. I'm not sure if you can use any other browsers on Windows with Charles, but use Firefox and go to Preferences > Network Settings > Manual Proxy Configuration and add your machine's ip address and the default Charles port 8888. Also make sure to check the checkbox to allow HTTPS. Save these changes and you should be good to go.
I don't have a Windows machine to try any of this out, but I've always found the documentation helpful.
There may be something that you've overlooked in the configuration, ssl proxying or ssl certificates sections.
Related
I use my home network (ATT U-Verse) to serve my ASP .NET website on a Windows 8.1 Pro machine with IIS 8.5. Because Chrome requires https for doing audio recording, I want to move to https. I followed the instruction video at https://www.netometer.com/blog/?p=1758 , and everything corresponds (IIS showing that I have a certificate in the bindings and an entry for port 443) until I test the actual https link in a browser (on the server itself, on an other machine on the home network, or externally via my phone with data), which gives me a "This page can’t be displayed" or equivalent message. I added port 443 to the Norton firewall rule I already had. The http access still works, however. Netmon 3.4 shows no TLS or SSL traffic. I also tried disabling the Norton firewall temporarily. This leads me to believe that the problem is that either the ATT NVG510 router I have is blocking port 443, or that ATT itself is blocking it. Looking at the router settings on the Packet Filter page, it seems none of the default "Drop" rules are enabled, and there is an "Enable Packet Filters" button. Do I specifically have to set up a "Pass" rule?
Does anyone have any ideas on what I could do? Can I actually do https on my home server? My web site is www.jtlanguage.com . Sorry if this is the wrong place to put this. I'm a programmer trying to do some IT.
Thanks.
-John
Turns out I wasn't doing port forwarding. For NVG510 users this is done by going to the router page in the browser to firewall->NAT/Gaming page and adding a hosted application referencing the HTTPS service and the web server machine name.
I have set up Subversion on my system. Without any changes its working fine on localhost. Now I want to access it from another network e.g outside my home network.
I tried to access it from global ip 116.128.**.**:3343/csvn/repository but nothing happens. And when I try to checkout in Eclipse it shows an error:
Target machine actively refused the connection.
I have also added the port no. in router.
As far as I see, the URL you've specified goes to your Subversion server's control panel, not repositories. I've found this:
By default, the Subversion Edge admin console listens for requests on
two ports:
3343 - This is the plain HTTP port
4434 - This is the SSL HTTPS port
To solve the issue you have to
Go to the Control Panel with your web browser and check what port your Subversion server listens to, e.g. 443/8443 for HTTPS and 80/8080 for plain HTTP.
Make sure that the port is properly forwarded on your router to the machine where the SVN server is installed.
Make sure that local firewall allows inbound connections to your Subversion server on the selected port.
It can be caused by a lot of different problems. One of the most common problems is, the server is having a firewall (or behind a firewall) which blocks incoming connection of unallowed port.
I have recently switched from mac development environment to windows development environment. I was used Chrles proxy extensively to capture network traffic, requests and response details. Right now I have installed Charles proxy version 3.7 in windows 8. How ever I have observed that the website on which I am working is not opening at all with Charles proxy ON. It is showing below exception message. And it is working perfectly for all other websites.
Charles Error Report
Failed to connect to remote host
Charles failed to connect to the remote host. Check that your Internet
connection is ok and that the remote host is accessible. Maybe your
network uses a proxy server to access the Internet? You can configure
Charles to use an external proxy server in the External Proxy
Settings.
The actual exception reported was:
java.net.ConnectException: Connection timed out: connect Charles
Proxy, http://www.charlesproxy.com/
Research that I have done before coming to SE:
I have searched in google with the keyword "Charles Error Report-Failed to connect to remote host". I got couple of links which are related to the above issue.
First link says to check for external proxy setting. I have checked, there are no external proxy settings in my computer.
Second link says open the url in browser and close charles proxy and reopen it. I did that. Still no luck.
How to overcome this issue?
Do you get the same problem with other proxies like Fiddler? If so, it's probably not related to Charles but either a network problem or inability of your application to work with a proxy.
Other causes may be using HTTPS (which can cause certificate errors) or using the loopback address (localhost or 127.0.0.1) which may or may not be ignored by the proxy.
UPDATE
In IE10+ Enhanced Protection Mode prevents untrusted applications from accessing local resources. Pages and sites that are not in the Trusted Zone are considered unstrusted, so they can't connect to any local proxy. Fiddler includes a configuration button to configure Windows 8 to bypass this. You can find a very good explanation of what happens and why here.
In Windows 8, EPM is enabled only for Metro IE. In 8.1 it is enabled by default even for Desktop IE.
You may be able to make Charles work again simply by adding your site's address to the Trusted Zone in IE's security settings, or you can download the EnableLoopBackUtility mentioned in Configure Fiddler for Windows 8 Metro-style applications to allow IE to connect to your site through the local proxy
I have experienced this as a timing or caching related gremlin. For me, in most cases, this is resolved by doing force-reload a few times in the browser. Doing so is slightly different on each platform. In Mac/Chrome, holding down Command + Shift + R for a couple of seconds does the trick. In Win/IE, holding Shift and clicking the reload icon in the address bar a couple of times does it - in theory, Shift + F5 should do the same thing, but it does not work as well.
I have an AWS instance running Apache server.
Apache is running when accessed from the local machine.
RDP connection through the elastic IP is working.
Port 80 is open for the security group
However, the elastic IP is not accessible from the browser.
Any ideas?
It could be a Security Groups is not configured to allow HTTP.
Go to http://aws.amazon.com Sign in.
Click on EC2. Then click on Security Groups. Click on the Security Group that your instance is using.
Click on Inbound tab. Click on Edit button.
In here, add you IP address (or Anywhere) for HTTP.
Unfortunately, that is not enough information for me to provide a definitive answer.
Here are some questions you can ask to help you figure out what may be wrong, however:
What happens when you run telnet 50.40.30.20 80 (where
50.40.30.20 is your EIP)?
You mention that RDP is working, is this a Windows instance (which requires port 3389 to be open for RDP)? or is it a Linux instance that requires port 22 to be open for SSH?
If Linux, is SELinux running? If so, you may find
this helpful
in disabling it temporarily or permanently to see if it has an impact on your ability to hit Apache.
I am looking for a way to forward traffic from an application which goes to the web over port 443 to an instance of Fiddler running on my computer. Fiddler does not see this traffic while a packet trace application verified that the traffic is going out.
The application is foreign and I am not able to modify how it requests and it is not going through Internet Explorer (or apparently any other browser). If this app is going to an ip address (ie. 66.xxx.xx.xx port 443) or to a named host (ie. https://www.anysite.com), is there a way to tell my computer to forward this traffic to Fiddler, ie. to localhost port 8888?
I am not sure I am using the right terminology to describe this but and ideas would be appreciated!
Thanks,
David
If you can't get the application itself to send traffic to localhost on a specified port, then you need something lower level than Fiddler. Try WireShark.
http://www.wireshark.com/
#David: What's the application in question? Virtually all applications can be proxied, because those that can't aren't usable from most corporate networks. In some cases, you have to make minor changes to the environment (e.g. setting the proxy for the JVM). Some details are here: http://www.fiddler2.com/fiddler/help/hookup.asp
Using Netmon or Wireshark, you should be able to determine whether or not the application in question is making a request directly to a fixed IP address, or more likely, doing a DNS lookup first. If it's doing a DNS lookup first, you could edit your Windows Hosts file so that whateverthehostis.com points at 127.0.0.1. Because the hosts file only maps host to IP and not port to port, you'll need to adjust Fiddler to run on the target port that the application is looking for (use Tools > Fiddler Options for that).
Now, if the traffic is HTTPS (and I'm guessing it is) you're going to have a problem at that point, because Fiddler currently can only act as a HTTPS endpoint when it "knows" that the traffic is HTTPS by virtue of the client having opened a CONNECT tunnel first. This is something that could be adjusted in a future version of Fiddler, but it's not a common request.