Default SSL Settings

[JJoe]

(Oct. 09, 2010 01:28 PM)Mele20 Wrote:  Is that because "use half SSL" is checked by default in the header filters and I have never unchecked it? Why is it checked by default since a user would have to install the proper SSL dlls for it work? It should be unchecked by default.

The filter in question (this ones from prox-config-sidki-2005-02-22.zip) looks like

Code:

In = FALSE
Out = FALSE
Key = "! |||||||||||| 1.3 Use Half-SSL     5.01.12 [jjoe] (o.2) (Out)"
URL = "$SET(keyword=$TST(keyword=(^*.i_ssl_h:)\1)\1i_ssl_h:1.)

Please note that:
Both the In and Out are "FALSE". "TRUE" enables a filter.
The filter has not changed significantly.
I'm very sure it isn't checked by default.

Half-SSL requires a number of filters and adjustments. We thought it would be best if these filters and adjustments were controlled by a single 'switch' that users must enable. The "Use Half-SSL" header filter contains that switch and thus allows users to enable Half-SSL as their base setting.

(Oct. 09, 2010 01:28 PM)Mele20 Wrote:  I see 4 header filters for half SSL. I had one unchecked. The others are checked. It is not at all clear that I need to immediately uncheck all 4 upon installing the Sidki filters. To me, Scott's strong warning against using Proxo for SSL sites would mean that by default NO SSL filters are checked! I also see that I have 2 half SSL (as I said I have no idea what half SSL is as opposed to full SSL) checked in Web filters. So, I should uncheck those?

You can uncheck all if you wish but I don't think it is necessary. Should you want to selectively apply Half-SSL later, you may have to reenable all that you disable.

(Oct. 09, 2010 01:28 PM)Mele20 Wrote:  I periodically get errors regarding Proxo and it popping up and saying it needs SSLLeay dll filters.

http://proxomitron.info/45/help/URL%20Commands.html

SRL Wrote:http://https..www.host.com/some/secure/webpage

Use to load a 'secure' https: web page without having the local page encrypted. Can be use to access secure pages from browsers that don't directly support https, or to avoid the normal https warning messages a browser may spit out. The actual remote connection is still encrypted, but Proxomitron sends the decrypted and filtered page to your browser. Note: requires SSLeay/OpenSSL .dll files to work.

Your browser may be trying to load Half-SSL links (http://https..) embedded in the page.
It's probably nothing to worry about but somebody would probably look at the page flagging the error if you reported it.
The set could disable the Proxomitron's URL based commands by default but I don't think that is necessary.


HTH

Edit: I believe Half-SSL links will generate the errors when the DLLs are missing or incompatible, regardless of the "Use SSLeay/OpenSSL" setting. I'll create another topic in Proxomitron Program when I get a chance.