Hi all,
Is it possible to redirect all customers to non SSL-Connections to youtube? If this would be possible caching would be much more easier! Maybe some one has an idea or solved the problem. thanks in advance
with best regards
HK
Re: redirect Youtube to non SSL
This isn't ethical, you will break everyone in your network for MitM attacks and too, break Google hard work at cryptography.
Re: redirect Youtube to non SSL
The answer is "no". Youtube uses HSTS, so any browser connected to Youtube in last 365 days will automatically use HTTPS. And once browser decides to uses HTTPS, you as the middle man can't change its decision. Even the target server can't tell it to use HTTP when HSTS is used.
In theory, you could catch HTTP requests to Youtube, direct them to your proxy and filter out HSTS and redirects to HTTPS from answers. But it would only work for new devices that never connected to Youtube before and that won't ever leave your network, because once they do, next time they would require HTTPS. So in practice, it's "no" again.
In theory, you could catch HTTP requests to Youtube, direct them to your proxy and filter out HSTS and redirects to HTTPS from answers. But it would only work for new devices that never connected to Youtube before and that won't ever leave your network, because once they do, next time they would require HTTPS. So in practice, it's "no" again.
Re: redirect Youtube to non SSL
of the aim of this excercess is just catching, using TLS host option in firewall filter rule, it will get HTTPS
https://wiki.mikrotik.com/wiki/Manual:I ... all/Filter
https://wiki.mikrotik.com/wiki/Manual:I ... all/Filter