2011-02-19 06:43:44 +00:00
|
|
|
|
2011-03-15 22:09:10 +00:00
|
|
|
SSL
|
|
|
|
===
|
|
|
|
|
|
|
|
The first time __mitmproxy__ or __mitmdump__ is started, a dummy SSL
|
|
|
|
certificate authority is generated (the default location is
|
|
|
|
~/.mitmproxy/ca.pem). This dummy CA is used to generate dummy certificates for
|
|
|
|
SSL interception on-the-fly. Since your browser won't trust the __mitmproxy__
|
|
|
|
dummy CA out of the box (and rightly so), so you will see an SSL cert warning
|
|
|
|
every time you visit a new SSL domain through __mitmproxy__. When you're
|
|
|
|
testing a single site, just accepting the bogus SSL cert manually is not too
|
|
|
|
much of a hassle, but there are a number of cases where you will want to
|
|
|
|
configure your testing system or browser to trust __mitmproxy__:
|
|
|
|
|
|
|
|
- If you are testing non-browser software that checks SSL cert validiy.
|
|
|
|
- You are testing an app that makes non-interactive (JSONP, script src, etc.)
|
|
|
|
requests to SSL resources. Another workaround in this case is to manually visit
|
|
|
|
the page through the browser, and add a certificate exception.
|
|
|
|
- You just don't want to deal with the hassle of continuously adding cert
|
|
|
|
exceptions.
|
|
|
|
|
|
|
|
|
|
|
|
Installing the mitmproxy CA
|
|
|
|
===========================
|
|
|
|
|
|
|
|
* Browser certificate installation:
|
|
|
|
* [Firefox](@!urlTo("certinstall/firefox.html")!@#firefox)
|
|
|
|
* [Chrome](@!urlTo("certinstall/chrome.html")!@#chrome)
|
|
|
|
* [Safari](@!urlTo("certinstall/safari.html")!@#safari)
|
|
|
|
* [Internet Explorer](@!urlTo("certinstall/ie.html")!@#ie)
|
|
|
|
* System-wide certificate installation:
|
|
|
|
* [Windows 7](@!urlTo("certinstall/windows7.html")!@#windows7)
|
|
|
|
* [iPhone/iPad](@!urlTo("certinstall/ios.html")!@#ios)
|
2011-02-19 06:43:44 +00:00
|
|
|
|