What does it mean for proxy server to be of “HTTPS” type


What does it actually mean for proxy to be "HTTPS proxy"? On the internet you can find many sites with free public proxies and some of them allow you filter them by their type.

While I understand how regular HTTP proxy works, how it's different compared to HTTPS proxy?

Is HTTPS proxy the one that allows accessing sites that are https:// (via CONNECT tunnel to port 443)?

What happens when I try to access regular http:// site via HTTPS proxy, is the connection between my computer and proxy server encrypted? Or it goes all the way in plain text?

My thinking is that:

  • HTTP proxy allows regular methods like GET, POST etc.
  • HTTPS proxy allows regular methods but also allows CONNECT *:443 method.

Best Answer

  • A proxy can be both an HTTP proxy and an HTTPS proxy if it supports the CONNECT command. If it does not support the CONNECT command, it can only do HTTP.

    During normal operation, the HTTP proxy receives the HTTP request, and is "smart enough" to understand it and so is able to optimize operations via methods such as searching its cache to serve the response without going to the destination server, or consulting a white-list/black-list to see if this URL is allowed, etc.

    In CONNECT mode, none of this happens. The proxy establishes a TCP connection to the destination server, and simply forwards all traffic from the client to the destination server and all traffic from the destination server to the client. That means that any TCP protocol can work (HTTPS, SSH, FTP - even plain HTTP), as the proxy then becomes just a simple dumb pipe.

  • Related Question