diff options
| author | Aldo Cortesi <aldo@nullcube.com> | 2011-03-19 11:26:51 +1300 |
|---|---|---|
| committer | Aldo Cortesi <aldo@nullcube.com> | 2011-03-19 11:26:51 +1300 |
| commit | 872b7881f2793bec8b2596e2a65bc4891387a1d5 (patch) | |
| tree | cf68ff0df6658f9750dd8bc031100d122a36b4dd /doc-src/ssl.html | |
| parent | 35a952ef3c8a498d67345b61d714fa3aa23cef4a (diff) | |
| download | mitmproxy-872b7881f2793bec8b2596e2a65bc4891387a1d5.tar.gz mitmproxy-872b7881f2793bec8b2596e2a65bc4891387a1d5.tar.bz2 mitmproxy-872b7881f2793bec8b2596e2a65bc4891387a1d5.zip | |
Docs.
Diffstat (limited to 'doc-src/ssl.html')
| -rw-r--r-- | doc-src/ssl.html | 36 |
1 files changed, 16 insertions, 20 deletions
diff --git a/doc-src/ssl.html b/doc-src/ssl.html index 7df6771b..afe8f389 100644 --- a/doc-src/ssl.html +++ b/doc-src/ssl.html @@ -13,25 +13,25 @@ directory (~/.mitmproxy by default): </tr> <tr> <td>mitmproxy-ca-cert.pem</td> - <td>Just the certificate in PEM format. Use this to distribute to most + <td>The certificate in PEM format. Use this to distribute to most non-Windows platforms.</td> </tr> <tr> <td>mitmproxy-ca-cert.p12</td> - <td>Just the certificate in PKCS12 format. For use on Windows.</td> + <td>The certificate in PKCS12 format. For use on Windows.</td> </tr> </table> -This dummy CA is used for on-the-fly generation of -dummy certificates for SSL interception. Since your browser won't trust the -__mitmproxy__ dummy CA out of the box (and rightly so), so you will see an SSL -cert warning every time you visit a new SSL domain through __mitmproxy__. When -you're testing a single site through a browser, just accepting the bogus SSL -cert manually is not too much of a hassle, but there are a number of cases -where you will want to configure your testing system or browser to trust the -__mitmproxy__ CA as a signing root authority: - -- If you are testing non-browser software that checks SSL cert validiy. +This CA is used for on-the-fly generation of dummy certificates for SSL +interception. Since your browser won't trust the __mitmproxy__ CA out of the +box (and rightly so), you will see an SSL cert warning every time you visit a +new SSL domain through __mitmproxy__. When you're testing a single site through +a browser, just accepting the bogus SSL cert manually is not too much trouble, +but there are a number of cases where you will want to configure your testing +system or browser to trust the __mitmproxy__ CA as a signing root authority: + +- If you are testing non-browser software that checks SSL cert validiy using +the system certificate store. - You are testing an app that makes non-interactive (JSONP, script src, etc.) requests to SSL resources. Another workaround in this case is to manually visit the page through the browser, and add a certificate exception. @@ -42,12 +42,8 @@ exceptions. Installing the mitmproxy CA =========================== +* [Firefox](@!urlTo("certinstall/firefox.html")!@) +* [OSX](@!urlTo("certinstall/osx.html")!@) +* [Windows 7](@!urlTo("certinstall/windows7.html")!@) +* [iPhone/iPad](@!urlTo("certinstall/ios.html")!@) -* Browser certificate installation: - * [Firefox](@!urlTo("certinstall/firefox.html")!@) - * [Safari](@!urlTo("certinstall/safari.html")!@) - * [Internet Explorer](@!urlTo("certinstall/ie.html")!@) -* System-wide certificate installation: - * [OSX](@!urlTo("certinstall/osx.html")!@) - * [Windows 7](@!urlTo("certinstall/windows7.html")!@) - * [iPhone/iPad](@!urlTo("certinstall/ios.html")!@) |