Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How do I add an upstream certificate for proxy chaining? #221

Closed
mspublic opened this issue May 3, 2024 · 2 comments
Closed

How do I add an upstream certificate for proxy chaining? #221

mspublic opened this issue May 3, 2024 · 2 comments

Comments

@mspublic
Copy link
Contributor

mspublic commented May 3, 2024

Hello @zh-jq
We are trying to debug some issues with our environment. We would like to setup g3 as part of a proxy chain with the upstream proxy also doing MITM. But haven’t figured out how to configure g3 to trust the upstream rootCA. Your advice on how to configure this would be much appreciated.

thanks!
@zh-jq
Copy link
Collaborator

zh-jq commented May 6, 2024

you can set tls interception client config in auditor like this:

tls_interception_client:
  ca_certificate: /path/to/cert.pem # or the pem string

or you can add that cert to the openssl trust store

@mspublic
Copy link
Contributor Author

Thanks! We were doing it in tls_client.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mspublic @zh-jq