Skip to content
Qsslcauditproxy is a proxy wrapper for the qsslcaudit tool, which is available at
Branch: master
Clone or download

Latest commit

Fetching latest commit…
Cannot retrieve the latest commit at this time.


Type Name Latest commit message Commit time
Failed to load latest commit information.


Qsslcauditproxy is a proxy wrapper for the qsslcaudit tool, which is available at

The script will then act as a non-intercepting proxy for all SSL traffic. For each new host, it will redirect the SSL stream to an instance of qsslcaudit, so that the client connection can be tested. HTTP connections will just be forwarded, so nothing is blocked.

When a host is tested, the original flow is restored so that the application functionality can go back to normal. The script can also be configured with a blacklist file. If a part of the hostname matches a blacklist entry, this host will not be tested.


Simply clone the repository:

git clone
cd qsslcauditproxy


You need to install qsslcaudit on your system first. To do so, follow the instructions at Other than that, the application is self-contained and does not depend on external libraries. The only requirement is Python version 3.


The proxy can be launched using Python3:

python3 -h

        Qsslcauditproxy v0.0.1
  Sean de Regge (

usage: [-h] [--blacklist BLACKLIST] [-p P]

A proxy wrapper for Qsslcaudit (

optional arguments:
  -h, --help            show this help message and exit
  --blacklist BLACKLIST
                        Blacklist file that holds hosts to exclude from
                        testing, for example known endpoints used by the OS
                        (default: None)
  -p P                  Port for proxy to listen on (default: 8888)
You can’t perform that action at this time.