Domain Fronting Testing
search cancel

Domain Fronting Testing

book

Article ID: 261499

calendar_today

Updated On:

Products

ProxySG Software - SGOS Advanced Secure Gateway Software - ASG

Issue/Introduction

Post-implementing Domain Fronting following the steps mentioned in Article 173281, requires steps to test domain fronting.

Resolution

You can test domain fronting using OpenSSL commands as below:

If it's an explicit proxy please execute the below command:

(echo -ne "GET / HTTP/1.1\rHost: hostheaderdomain.com\r\r" ; cat ) | openssl s_client --proxy 10.0.80.80:8080 -connect hostinCONNECTpacket.com:443 -servername clienthelloSNI.com

If it's a transparent proxy please execute the below command:

(echo -ne "GET / HTTP/1.1\rHost: hostheaderdomain.com\r\r" ; cat ) | openssl s_client -connect destinationIPdomain.com:443 -servername clienthelloSNI.com

Powered by Wolken Software