Actually you can use Paros proxy (http://www.parosproxy.org/) to intercept SSL traffic, because it can perform a man-in-the-middle "attack" (it decrypts the traffic and reencrypts it with its own certificate). Of course you'll get a warning in the browser but (supposedly) you know what you are doing.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/infocus/1879/764#764