TLENVOY - A Tool for TLS Termination and Inspection

Main Article Content

Udit Misra

Abstract

With the increasing adaption on encrypted communication over the internet, ensuring the security over network traffic has become very crucial. Transport Layer Security (TLS) is now widely used to secure data in transit, but at the same time it also poses challenges for network administrators who need to inspect traffic for malicious content or policy violations. This paper explores the use of Envoy, an open-source edge and service proxy, as a forward proxy to inspect TLS traffic. By leveraging Envoy's capabilities, organizations can maintain a secure environment for all nodes behind the proxy. We discuss the architecture, implementation, security considerations, and potential challenges of using Envoy for TLS inspection. The paper concludes with recommendations for deploying such a system in a secure and efficient manner.

Article Details

How to Cite
Misra, U. (2025). TLENVOY - A Tool for TLS Termination and Inspection. The Eastasouth Journal of Information System and Computer Science, 2(03), 200–204. https://doi.org/10.58812/esiscs.v2i03.489
Section
Articles

References

E. Rescorla, “The transport layer security (TLS) protocol version 1.3,” 2018.

S. Dyllan, H. Dahimene, P. Wright, and P. Xiao, “Analysis of HTTP and HTTPS usage on the university internet backbone links,” J. Ind. Intell. Inf. Vol, vol. 2, no. 1, 2014.

D. Naylor et al., “The cost of the" s" in https,” in Proceedings of the 10th ACM International on Conference on emerging Networking Experiments and Technologies, 2014, pp. 133–140.

T. Dierks and E. Rescorla, “The transport layer security (TLS) protocol version 1.2,” 2008.

R. Fielding et al., “Hypertext transfer protocol--HTTP/1.1,” 1999.

D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk, “Internet X. 509 public key infrastructure certificate and certificate revocation list (CRL) profile,” 2008.

H. Krawczyk and P. Eronen, “HMAC-based extract-and-expand key derivation function (HKDF),” 2010.