diff options
Diffstat (limited to 'doc-src/faq.html')
| -rw-r--r-- | doc-src/faq.html | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/doc-src/faq.html b/doc-src/faq.html index 769227bd..daca2b82 100644 --- a/doc-src/faq.html +++ b/doc-src/faq.html @@ -5,55 +5,5 @@ Coming soon. - <p class="question">I'm pentesting an non-browser app that checks SSL - certificate validity. How do I make it trust the MITMProxy certificate?</p> - - - <p> Here's a quick and easy procedure you can use for Windows 7, as long as - the app in question uses the global Windows certificate repository. </p> - - <ul> - - <li> First copy the file <b>libmproxy/resources/bogus_template</b> - from the MITMProxy source, and edit it to include your target domain in - the CN parameter. The result should look like this: - -<pre>[ req ] -prompt = no -distinguished_name = req_distinguished_name - -[ req_distinguished_name ] -C = NZ -ST = none -L = none -O = none -OU = none -CN = target.domain.com -emailAddress = none</pre> - </li> - - <li> Next, use your bogus template to generate a certificate, and - install it for MITMPRoxy to use: - -<pre>openssl req -config ./my_bogus_template -x509 -nodes -days 9999 -newkey rsa:1024 -keyout mycert -out mycert - -cp mycert ~/.mitmproxy/cert.pem</pre> - </li> - - <li> Fire up MITMProxy, and configure Firefox on the Windows box to use - it. Browse to the target domain, and you should see a big warning about - an untrusted certificate. Use Firefox to export the certificate ("Add - Exception", "Get Certificate", then "View", tab to "Details" and click - "Export"). </li> - - <li> From the command console, fire up <b>certmgr</b>. Select "Trusted - Root Certification Authorities", then on the top menu, "Action", "All - Tasks", and "Import". When prompted, select the certificate file you've - just saved from Firefox.</li> - - <li> And that's it - your certificate should now be trusted for that - domain. Happy pentesting.</li> - - </ul> </div> |