Linux - Networking
This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
I'm trying to inspect network traffic from my iPhone / iPad / Kindle / other wi-fi only consumer electronic device. To do this I man-in-the-middle myself (connect laptop to LAN via wire, create wireless Ad-hoc network, bridge the connections, then connect my device to the ad-hoc wi-fi network) and use Wireshark to watch the traffic.
In the past this has been adequate for my needs (just wanted to watch and see what potentially private info was being leaked about me / see that banking / amazon / etc apps were going over SSL). Now I've noticed that applications are almost all using SSL (which is great) but they are way too active for my taste. I'd like to use these apps but want to know what's happening in the background.
I know that corporations dead-end SSL connections at their proxies to inspect the traffic and then re-establish the connection on behalf of the user for the trip across the internet. While I find the corporate use a bit distasteful, I think this is exactly what I'd need to do to myself. Any suggestions for how to do so or other ideas on how to get the packets in the clear?
Squid 3 supports full ssl providing I think, there have certainly been patches for a while for 2.6 onwards, but I think it is standard now. I would doubt it would work though for connections established outside of a normal browser, as the apps will probably insist on an exact certificate, not just any user installed one. Esp as you are in Jobsville and not on a decent platform like android. :-)
In fact I'd really like to avoid setting up the device to connect through a proxy. Because I'm already on the "wire" between the device and the internet it seems like it should be possible to proxy the connection without additional device configuration. Could Squid be configured to do this?
Now the topology is: handheld <--> laptop wi-fi <==> laptop ethernet <--> LAN & Internet
It seems like: handheld <--> laptop wi-fi <=SSL endpoint(Squid 3?)=> laptop ethernet <--> LAN & Internet shouldn't be too hard.
The cert situation is going to cause problems but it is what it is.
In order to make squid do it transparently you'd need to provide the *right* certificate from the proxy, not your own proxy certificate. It depends on the integrity of the client, as in you could create your own certificate called whatever you want, and have it signed by your internal CA and import the root CA onto the device, meaning you then could have your own devices accepting an "apple.com" certificate that you created. I'd just doubt that this is ever going to be a realistic thing to achieve.
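The two client-side checks the replies above turn on (chain trust, then an app's own pin), as an added example that is not part of the thread: it shows why importing the proxy's root CA satisfies a browser-style client but not an app that pins. Assumptions: the certificate bytes are constructed stand-ins, the app pins the SHA-256 of the whole certificate (real apps may pin the public key instead), and all function names are hypothetical.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(der_cert):
    """SHA-256 of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def fetch_leaf_der(host, port=443, timeout=5.0):
    """Leaf certificate presented on a live connection (not used by the offline demo).
    Chain validation runs first, so an untrusted proxy CA raises ssl.SSLCertVerificationError."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def client_verdict(chain_trusted, der_cert, pins=None):
    """Model the two checks a client makes on the certificate it is shown.
    chain_trusted: did the chain validate against the device's trust store?
    pins: fingerprints the app ships with, or None if the app does not pin."""
    if not chain_trusted:
        return "rejected: untrusted chain"
    if pins is not None:
        seen = fingerprint(der_cert)
        if not any(hmac.compare_digest(seen, p.lower()) for p in pins):
            return "rejected: pin mismatch"
    return "accepted"


# Constructed stand-ins for DER certificates (not real certificate data).
ORIGIN_LEAF = b"constructed: leaf certificate issued by a public CA"
PROXY_LEAF = b"constructed: same hostname, minted by the proxy's own CA"
APP_PINS = {fingerprint(ORIGIN_LEAF)}

if __name__ == "__main__":
    cases = [
        ("direct connection, pinning app", True, ORIGIN_LEAF, APP_PINS),
        ("proxy, root CA not installed", False, PROXY_LEAF, None),
        ("proxy, root CA installed, browser-style client", True, PROXY_LEAF, None),
        ("proxy, root CA installed, pinning app", True, PROXY_LEAF, APP_PINS),
    ]
    for label, trusted, cert, pins in cases:
        print(f"{label}: {client_verdict(trusted, cert, pins)}")
```

Comparing `fingerprint(fetch_leaf_der(host))` taken on a direct connection with the value seen behind the bridge shows whether the certificate was replaced in transit.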