diff options
| -rw-r--r-- | docs/src/content/concepts-certificates.md | 4 | ||||
| -rw-r--r-- | docs/src/content/howto-install-system-trusted-ca-android.md | 4 | ||||
| -rw-r--r-- | examples/simple/wsgi_flask_app.py | 4 |
3 files changed, 6 insertions, 6 deletions
diff --git a/docs/src/content/concepts-certificates.md b/docs/src/content/concepts-certificates.md index 20b03dc6..cf3447c7 100644 --- a/docs/src/content/concepts-certificates.md +++ b/docs/src/content/concepts-certificates.md @@ -65,7 +65,7 @@ SSL sites that your client visits. Since your browser won't trust the mitmproxy CA out of the box, you will see an SSL certificate warning every time you visit a new SSL domain through mitmproxy. When you are testing a single site through a browser, just accepting the bogus SSL cert manually is not too much trouble, but -there are a many circumstances where you will want to configure your testing +there are many circumstances where you will want to configure your testing system or browser to trust the mitmproxy CA as a signing root authority. For security reasons, the mitmproxy CA is generated uniquely on the first start and is not shared between mitmproxy installations on different devices. @@ -121,7 +121,7 @@ instructions: openssl genrsa -out cert.key 2048 # (Specify the mitm domain as Common Name, e.g. \*.google.com) openssl req -new -x509 -key cert.key -out cert.crt -cat cert.key cert.crt \> cert.pem +cat cert.key cert.crt > cert.pem {{< / highlight >}} Now, you can run mitmproxy with the generated certificate: diff --git a/docs/src/content/howto-install-system-trusted-ca-android.md b/docs/src/content/howto-install-system-trusted-ca-android.md index 2ef67f30..2b41dcbd 100644 --- a/docs/src/content/howto-install-system-trusted-ca-android.md +++ b/docs/src/content/howto-install-system-trusted-ca-android.md @@ -9,7 +9,7 @@ menu: [Since Android 7, apps ignore user certificates](https://android-developers.googleblog.com/2016/07/changes-to-trusted-certificate.html), unless they are configured to use them. As most applications do not explicitly opt in to use user certificates, we need to place our mitmproxy CA certificate in the system certificate store, -in order to avid having to patch each application, which we want to monitor. +in order to avoid having to patch each application, which we want to monitor. Please note, that apps can decide to ignore the system certificate store and maintain their own CA certificates. In this case you have to patch the application. @@ -83,4 +83,4 @@ adb shell "chmod 664 /system/etc/security/cacerts/c8450d0d.0" adb reboot {{< / highlight >}} -**Remember**: You **always** have to start the emulator using the `-writable-system` option in order to use your certificate
\ No newline at end of file +**Remember**: You **always** have to start the emulator using the `-writable-system` option in order to use your certificate diff --git a/examples/simple/wsgi_flask_app.py b/examples/simple/wsgi_flask_app.py index bbde6913..b34fbc83 100644 --- a/examples/simple/wsgi_flask_app.py +++ b/examples/simple/wsgi_flask_app.py @@ -15,9 +15,9 @@ def hello_world() -> str: addons = [ - # Host app at the magic domain "proxapp.local" on port 80. Requests to this + # Host app at the magic domain "example.com" on port 80. Requests to this # domain and port combination will now be routed to the WSGI app instance. - wsgiapp.WSGIApp(app, "proxapp.local", 80) + wsgiapp.WSGIApp(app, "example.com", 80) # SSL works too, but the magic domain needs to be resolvable from the mitmproxy machine due to mitmproxy's design. # mitmproxy will connect to said domain and use serve its certificate (unless --no-upstream-cert is set) # but won't send any data. |