Setup SNI Proxy on Debian 7 x64


SNI Proxy can proxy both incoming HTTP and TLS connections based on the hostname that is contained within the initial request of that TCP session. This feature allows HTTPS name-based virtual hosting to be used on separate back-end servers without installing a private key on the proxy machine. It also lifts the TLS restriction of one IP per certificate.

This article will explain how to set up a SNI Proxy server. It was written for Debian 7 x64. SNI Proxy is open source software written by Dustin Lundquist.

Install SNI Proxy

Update your Debian system.

apt-get update && apt-get dist-upgrade

Install the required dependencies.

apt-get install autotools-dev cdbs debhelper dh-autoreconf dpkg-dev gettext libev-dev libpcre3-dev pkg-config git -y

Install udns.

mkdir udnscd udnswget http://ftp.de.debian.org/debian/pool/main/u/udns/udns_0.4-1.dsc wget http://ftp.de.debian.org/debian/pool/main/u/udns/udns_0.4.orig.tar.gzwget http://ftp.de.debian.org/debian/pool/main/u/udns/udns_0.4-1.debian.tar.gztar xfz udns_0.4.orig.tar.gzcd udns-0.4/tar xfz ../udns_0.4-1.debian.tar.gzdpkg-buildpackagecd ..dpkg -i *.deb 

Install SNI proxy.

git clone https://github.com/dlundquist/sniproxycd sniproxy./autogen.sh && ./configuremake && make install

Configure SNI proxy

Edit the /etc/sniproxy.conf file. You can add sites that you want to proxy by using wildcards. See the example below.

user nobodypidfile /var/run/sniproxy.piderror_log {    syslog deamon    priority notice}listen 80  {    proto http    table hosts}listen 443 {    proto tls    table hosts}table hosts{    .*/.google/.com$ *    .*/.google/.com/.hk$ *    google.com google.com    google.com.hk google.com.hk}

Once you have finished configuring your server, start SNI Proxy with the following command.

sniproxy

Enjoy!

Want to contribute?

You could earn up to $300 by adding new articles

Submit your article
Suggest an update
Request an article

No comments

Powered by Blogger.