On Feb 6, 2013, at 7:21 AM, Leif Hedstrom <zw...@apache.org> wrote:

> On 2/6/13 12:35 AM, oksana fishman wrote:
>> I can see a certificate, for example.
>> How https traffic can be seen by ATS plugin?
>
> You mean the SSL handshake? That would be Layer 5, not Layer 7 (HTTPS). I
> don't think we expose any APIs for a plugin to intercept or participate in
> the handshake, but James would know better.

I guess that I'm still not totally clear about what is needed here. The only way I can think of to see SSL-encapsulated traffic without terminating the SSL channel is to write a plugin that does TCP pass through. You could easily write a simple protocol plugin that is able to examine the clear-text portions of the SSL handshake.

If you want to terminate SSL and do something with that, then you can use TSNetAcceptNamedProtocol() or TSPortDescriptorAccept(). Both of these are really intended for writing protocol plugins. TSNetAcceptNamedProtocol() lets you accept a connection based on an NPN (http://en.wikipedia.org/wiki/Next_Protocol_Negotiation) name. TSPortDescriptorAccept() lets you accept a connection on a socket that is described by a port descriptor string (i.e. the format that records.config uses).

If you want to terminate HTTPS and examine the SSL parameters of the underlying session, we don't currently have any APIs to do that. There has been some interest in exposing that information (https://issues.apache.org/jira/browse/TS-1584), however I would like to add an API that is more general than that proposal. Please add your comments to that bug if this is your area of interest.

J
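
Added example, not part of the original message and not ATS code: the kind of bounds-checked parsing a pass-through plugin could apply to the clear-text ClientHello bytes it relays, here reading the requested server name (SNI). The function and helper names and the sample bytes are constructed for this illustration, and it assumes the whole ClientHello arrives in a single TLS record.

```c
#include <stddef.h>
#include <string.h>

struct cur { const unsigned char *p; size_t n; };   /* bounds-checked view of bytes */

/* Read a w-byte big-endian length prefix, then carve that many bytes out as *v. */
static int vec(struct cur *c, size_t w, struct cur *v) {
    size_t len = 0, i;
    if (c->n < w) return -1;
    for (i = 0; i < w; i++) len = (len << 8) | c->p[i];
    if (c->n - w < len) return -1;                  /* prefix claims more than we hold */
    v->p = c->p + w; v->n = len;
    c->p += w + len; c->n -= w + len;
    return 0;
}

/* Constructed sample: one TLS record holding a ClientHello with SNI "a.test". */
static const unsigned char SAMPLE_HELLO[] = {
    0x16, 0x03, 0x01, 0x00, 0x3e,  0x01, 0x00, 0x00, 0x3a,  0x03, 0x03, /* random = zeros */
    [43] = 0x00,  0x00, 0x02, 0xc0, 0x2f,  0x01, 0x00,  0x00, 0x0f,
    0x00, 0x00, 0x00, 0x0b, 0x00, 0x09, 0x00, 0x00, 0x06, 'a', '.', 't', 'e', 's', 't'
};

/* Returns the SNI length, 0 if there is no SNI, -1 if buf is not a complete,
 * well-formed ClientHello record or the name does not fit in out[cap]. */
int client_hello_sni(const unsigned char *buf, size_t len, char *out, size_t cap) {
    struct cur rec = { buf, len }, hs, v, skip, exts, ext, list, name;
    unsigned type;
    if (len < 6 || buf[0] != 0x16 || buf[5] != 0x01) return -1; /* handshake / ClientHello */
    rec.p += 3; rec.n -= 3;                          /* content type + record version */
    if (vec(&rec, 2, &hs) || hs.n < 1) return -1;    /* record payload */
    hs.p += 1; hs.n -= 1;                            /* handshake type */
    if (vec(&hs, 3, &v) || v.n < 34) return -1;      /* ClientHello body */
    v.p += 34; v.n -= 34;                            /* client_version + random */
    /* session_id, cipher_suites, compression_methods */
    if (vec(&v, 1, &skip) || vec(&v, 2, &skip) || vec(&v, 1, &skip)) return -1;
    if (v.n == 0) return 0;                          /* no extensions block */
    if (vec(&v, 2, &exts)) return -1;
    while (exts.n > 0) {
        if (exts.n < 2) return -1;
        type = (exts.p[0] << 8) | exts.p[1]; exts.p += 2; exts.n -= 2;
        if (vec(&exts, 2, &ext)) return -1;
        if (type != 0) continue;                     /* not the server_name extension */
        if (vec(&ext, 2, &list) || list.n < 1 || list.p[0] != 0) return -1; /* host_name */
        list.p += 1; list.n -= 1;
        if (vec(&list, 2, &name) || name.n == 0 || name.n >= cap) return -1;
        if (memchr(name.p, '\0', name.n)) return -1; /* reject embedded NUL in the name */
        memcpy(out, name.p, name.n); out[name.n] = '\0';
        return (int)name.n;
    }
    return 0;
}
```

Everything after the handshake completes is encrypted, so a pass-through plugin sees only fields like these unless it terminates the SSL session.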