With OldSSL Proxy you can browse all HTTPS websites on Windows XP, old Symbian and Windows Mobile smartphones, as well as use other (non-browser) software with modern SSL/TLS internet hosts.
OldSSL Proxy is a pre-configured Squid proxy server for outdated operating systems which do not support modern cryptography. It hijacks HTTPS connection (performs Man-in-the-Middle) and reencrypts it with self-signed certificate and old ciphersuites, compatible with old OS.
OldSSL Proxy:
- Performs "downgrading" Man-in-the-Middle for SSL/TLS (HTTPS)
- Supports SSLv3, RC4 and 3DES ciphers
- Uses RSA 1024 bit certificate with SHA1 signature
- Tested on Windows XP SP0 (Internet Explorer 6)
You'll need x86_64 system with Docker or Podman. Refer to Docker installation instruction if you're not familiar with it.
Execute:
docker run -d -p 3128:3128 -p 3180:3180 -v oldproxy-certs:/etc/squid/ssl_cert valdikss/oldssl-proxy
The command will download oldssl-proxy image and execute it.
WARNING: this command will run unprotected proxy server accessible for everyone over the network. If run it on an internet-wide accessible server, make sure to configure firewall rules first!
- Open browser, navigate to
http://PROXY-IP-ADDRESS:3180/, wherePROXY-IP-ADDRESSis an IP address of the Docker server. - Download
OldSSL.crtorOldSSL.der— these are root certificate (certificate authority) files of the proxy. The files are the same but the format is different, some operating systems support only one them. - Import OldSSL certificate into certificate storage. On Windows XP just double-click on the file, next-next-yes-finish.
- Configure your operating system (or browser) to use HTTP proxy. Host:
PROXY-IP-ADDRESS, port3128.
Projects with the similar goals: