Contact person: Business Client

Phone:Show

Email:Show

Location: Indore, India

Budget: Recommended by industry experts

Time to start: As soon as possible

Project description:
"I run MeshCentral on a Windows host and I need a custom server-side plugin that turns the MeshCentral server into a secure HTTPS relay. When a public client hits a specific endpoint on the server, the plugin should:

• decide which connected agent must handle the call (I will pass an agent identifier or mapping rule in the URL or header),
• forward the original HTTPS request—including headers, body and method (GET, POST, PUT, anything the client sends)—through MeshCentral’s encrypted tunnel,
• execute the request on the agent exactly as received,
• capture the agent’s response and stream it back to the original client over the same server connection.

No extra ports may be opened and nothing must travel in plaintext; everything relies on MeshCentral’s existing TLS channel.

Environment & constraints
– MeshCentral server and agents are Windows.
– The public endpoint will be exposed without additional auth for now, so the plugin itself must be robust against malformed or oversized payloads.
– Implementation should follow the official MeshCentral plugin model (Node.js). A lightweight configuration interface inside the MeshCentral web UI for mapping URLs to agents would be ideal but a JSON config file is acceptable.

Deliverables
1. Complete plugin source code.
2. Step-by-step installation and configuration guide I can follow on a fresh MeshCentral 1.x install.
3. Brief test script or curl examples proving GET, POST and PUT forwarding.
4. Short read-me on how to extend the plugin for future auth schemes.

Acceptance
I will spin up a clean MeshCentral instance, install the plugin, hit the public URL, watch traffic tunnel to the chosen agent and confirm the response matches what the agent produced. No firewall changes beyond the existing MeshCentral port should be required.
Project Description

We need a developer to create a custom plugin for MeshCentral that securely forwards HTTPS requests from the server to selected agents, executes them locally, and returns responses through MeshCentral’s encrypted channel.

The goal is to allow the server to act as a secure relay — without opening any external ports or exposing plaintext data.

Main Tasks

Build a MeshCentral plugin ([login to view URL], [login to view URL]).

Accept incoming HTTPS requests (GET, POST, PUT, DELETE).

Validate and authenticate the request.

Map paths to backend routes via a JSON configuration file.

Forward encrypted payloads through MeshCentral’s internal communication channel.

Have the agent execute the mapped HTTPS request locally and return the response.

Relay the response back to the client exactly (status, headers, JSON).

Example Configuration

/meshcentral-data/plugins/secureforwarder/[login to view URL]

{
"routes": {
"/api/example": "[login to view URL]",
"/api/token": "[login to view URL]"
},
"allowedAgents": ["DESKTOP-A01", "LAPTOP-B02"],
"security": {
"verifyToken": true,
"encryptPayload": true
}
}

Security Requirements

All communication via MeshCentral TLS + AES-GCM encryption.

No request data logged.

Optional HMAC verification for replay protection.

Support for per-agent AES keys.

Deliverables

Fully functional plugin files.

Configuration file with route mapping.

README with setup, restart, and testing steps.

Working cURL example demonstrating the full request → agent → response flow.

Skills Required

Advanced Node.js (event-driven architecture).

Experience with MeshCentral plugins and agent messaging.

Understanding of secure proxying and AES/TLS encryption.

Familiarity with remote execution or agent frameworks." (client-provided description)