aboutsummaryrefslogtreecommitdiffstats
path: root/doc-src/certinstall/windows7.html
diff options
context:
space:
mode:
Diffstat (limited to 'doc-src/certinstall/windows7.html')
-rw-r--r--doc-src/certinstall/windows7.html49
1 files changed, 34 insertions, 15 deletions
diff --git a/doc-src/certinstall/windows7.html b/doc-src/certinstall/windows7.html
index 16d3f611..b8632d56 100644
--- a/doc-src/certinstall/windows7.html
+++ b/doc-src/certinstall/windows7.html
@@ -1,21 +1,40 @@
-<p> Here's a quick and easy procedure you can use for Windows 7, as long as
-the app in question uses the global Windows certificate repository. </p>
+The Windows certificate manager expects a different certificate format from the
+one used by mitmproxy. The easiest way to convert the cert to the appropriate
+format is to use the Firefox web browser.
+
+
+### 1: Make sure Firefox is installed on the system.
+
+### 2: Fire up mitmproxy on the interception host.
+
+### 3: Configure Firefox to use the mitmproxy interceptor.
+
+### 4: Using Firefox, browse to an SSL-protected domain. You will see a warning:
+
+
+### 5: Click "I understand the risks" and "Add Exception":
+
+
+### 6: Click "Get certificate", "View", and switch to the "Details" tab:
+
+
+### 7: Click "Export", and save the certificate in "X.509 Certificate (PEM)" format:
+
+
+### 8: Next, start a command prompt, and type "certmgr" to start the Certificate Manager:
+
+
+### 9: From the top menu, select "Action", "All tasks", and then "Import":
+
+
+### 10: Click "Next", and browse to select the cert we just exported from Firefox:
+
+
+### 11: Click "Next", and "Finish" to complete the import. Accept all warning prompts.
+
-<ul>
- <li> Fire up MITMProxy, and configure Firefox on the Windows box to use
- it. Browse to the target domain, and you should see a big warning about
- an untrusted certificate. Use Firefox to export the certificate ("Add
- Exception", "Get Certificate", then "View", tab to "Details" and click
- "Export"). </li>
- <li> From the command console, fire up <b>certmgr</b>. Select "Trusted
- Root Certification Authorities", then on the top menu, "Action", "All
- Tasks", and "Import". When prompted, select the certificate file you've
- just saved from Firefox.</li>
- <li> And that's it - your certificate should now be trusted for that
- domain. Happy pentesting.</li>
-</ul>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 14:34:04 +0000