diff options
Diffstat (limited to 'doc-src/ssl.html')
| -rw-r--r-- | doc-src/ssl.html | 34 |
1 files changed, 17 insertions, 17 deletions
diff --git a/doc-src/ssl.html b/doc-src/ssl.html index 7ee9438e..68e9a57c 100644 --- a/doc-src/ssl.html +++ b/doc-src/ssl.html @@ -1,22 +1,27 @@ -The first time __mitmproxy__ or __mitmdump__ is started, the following set of -certificate files for a dummy Certificate Authority are created in the config -directory (~/.mitmproxy by default): +The first time __mitmproxy__ or __mitmdump__ is run, a set of certificate files +for the mitmproxy Certificate Authority are created in the config directory +(~/.mitmproxy by default). The files are as follows: -<table> +<table class="table"> <tr> - <td>mitmproxy-ca.pem</td> + <td class="nowrap">mitmproxy-ca.pem</td> <td>The private key and certificate in PEM format.</td> </tr> <tr> - <td>mitmproxy-ca-cert.pem</td> + <td class="nowrap">mitmproxy-ca-cert.pem</td> <td>The certificate in PEM format. Use this to distribute to most non-Windows platforms.</td> </tr> <tr> - <td>mitmproxy-ca-cert.p12</td> + <td class="nowrap">mitmproxy-ca-cert.p12</td> <td>The certificate in PKCS12 format. For use on Windows.</td> </tr> + <tr> + <td class="nowrap">mitmproxy-ca-cert.cer</td> + <td>Same file as .pem, but with an extension expected by some Android + devices.</td> + </tr> </table> This CA is used for on-the-fly generation of dummy certificates for SSL @@ -24,16 +29,9 @@ interception. Since your browser won't trust the __mitmproxy__ CA out of the box (and rightly so), you will see an SSL cert warning every time you visit a new SSL domain through __mitmproxy__. When you're testing a single site through a browser, just accepting the bogus SSL cert manually is not too much trouble, -but there are a number of cases where you will want to configure your testing -system or browser to trust the __mitmproxy__ CA as a signing root authority: - -- If you are testing non-browser software that checks SSL cert validity using -the system certificate store. -- You are testing an app that makes non-interactive (JSONP, script src, etc.) -requests to SSL resources. Another workaround in this case is to manually visit -the page through the browser, and add a certificate exception. -- You just don't want to deal with the hassle of continuously adding cert -exceptions. +but there are a many circumstances where you will want to configure your +testing system or browser to trust the __mitmproxy__ CA as a signing root +authority. Installing the mitmproxy CA @@ -43,4 +41,6 @@ Installing the mitmproxy CA * [OSX](@!urlTo("certinstall/osx.html")!@) * [Windows 7](@!urlTo("certinstall/windows7.html")!@) * [iPhone/iPad](@!urlTo("certinstall/ios.html")!@) +* [IOS Simulator](@!urlTo("certinstall/ios-simulator.html")!@) +* [Android](@!urlTo("certinstall/android.html")!@) |