An HTTPS proxy is a proxy IP that is used for web access. An HTTP proxy has port 80 open, and an HTTPS Proxy uses port 456. In most cases, the HTTP Proxy will get a request in plain text and another HTTP request is sent to the remote server. The information is then returned to the end user. Generally, most users still go for HTTP proxies as HTTPS is more of a safety protocol than the former. Some users of HTTPS include online paying sites and bank sites.
The HTTPS proxy acts like a re-layer that sends special HHTP (CONNECT) requests. It then creates an opaque tunnel that leads to the destination server. The destination server does not necessarily have to be an HTTPS server. Next, an SSL/TLS request will be sent to the server, which prompts an SSL handshake and (requested) HTTPS.
Difference between HTTP and HTTPS Proxies
There is a difference between HTTP and HTTPS proxies. Requests that server receives are not visible to the HTTPS proxy, and that’s why the latter cannot cache anything. A channel to the server will be built through the HTTPS proxy, before the server certificate is received and validated by the client. The process can also transpire vice-versa. On the flip side, the HTTP proxy is capable of viewing the request sent to the client, giving users more control.
While it is possible to send an HTTPS request through an HTTP proxy, you need to remember that the server certificate will be validated by the proxy. With that in mind, only the proxy certificate can be received and validated by the client. This happens because the certificate will vary from the socket connection address. In most cases, the chances of an SSL handshake will be virtually non-existent.
An HTTP proxy has the ability to look into requests and you can use it to address HTTPS requests and other debugging purposes.
Why won’t HTTP Proxy Work for HTTPS Requests?
What most users employ is an authenticated HTTP proxy, but HTTP proxy rarely works for HTTPS requests. This is mainly because TLS/SSL is secure at its endpoint. This means that there must be a data exchange between the server and the client through an encrypted channel. When users connect to the HTTP Proxy, they are essentially asking it to send to them the remote resource. This is in contradiction to endpoint security. Since there is no direct connection between the user and the remote connection, the credentials cannot be validated. In addition, personal information may become visible to the proxy.