Skip to content
Tomi edited this page Jun 8, 2016 · 9 revisions

SSL Proxying

Is James already proxying HTTPS requests?

In the bottom right corner, there is an indicator that displays the state of the proxy:

Indicator Meaning
Proxy: Online Everything is OK, including HTTPS 👌
Proxy: HTTPS disabled HTTPS is not working, see next section 👇

James isn't "doing the HTTPS", what do I do?

Two different SSL-related files are required:

  • root-ca.key.pem: a 'CA' key
  • root-ca.crt.pem: a 'CA' certificate

For information about these files, see Hoxy's details here and here.

Assuming openssl on your machine, run the following:

openssl genrsa -out root-ca.key.pem 2048
openssl req -x509 -new -nodes -key root-ca.key.pem -days 1024 -out root-ca.crt.pem -subj "/O=James Proxy Signing Authority"

This will generate the two required files, root-ca.key.pem and root-ca.crt.pem.

Import root-ca.crt.pem into each device/browser that you will be using James with, in order to allow the browsers to trust James and not throw a warning when James proxies HTTPS requests.

Additionally, place both files in James' config directory. This directory is different for each OS:

OS Config directory
Linux $HOME/.config/james/
Mac $HOME/Library/Application Support/James/
Windows %AppData%\james\

The above table applies to James versions 1.5.0 and after. Prior to version 1.5.0, these files should be placed in the same directory you extracted James to.

Do I actually need to do all of this?

Nope, if you're not dealing with HTTPS requests, James will happily proxy HTTP requests without issues.

Troubleshooting

HTTPS pages aren't loading at all

This happens when you haven't setup the SSL files necessary to proxy HTTPS requests. See the above section.

My browser is showing me scary warnings

This is because your browser doesn't trust the certificate James is using to proxy requests with. You need to import the root-ca.crt.pem file into your system/browser certificate store(s).

Clone this wiki locally