<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" http-equiv="Content-Type"/> <link href="01-bootstrap.min.css" type="text/css" rel="StyleSheet"/> <link href="02-docstyle.css" type="text/css" rel="StyleSheet"/> <link href="syntax.css" type="text/css" rel="StyleSheet"/> <title>mitmproxy 0.9 - Overview</title></head><body><div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container"> <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </a> <a class="brand" href="index.html">mitmproxy 0.9 docs</a> </div><!--/.nav-collapse --> </div> </div> </div> <div class="container"> <div class="row"> <div class="span3"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li><a href="index.html">Introduction</a></li> <li><a href="install.html">Installation</a></li> <li><a href="howmitmproxy.html">How mitmproxy works</a></li> <li class="nav-header">Tools</li> <li><a href="mitmproxy.html">mitmproxy</a></li> <li><a href="mitmdump.html">mitmdump</a></li> <li class="nav-header">Features</li> <li><a href="features/anticache.html">Anticache</a></li> <li><a href="features/clientreplay.html">Client-side replay</a></li> <li><a href="features/filters.html">Filter expressions</a></li> <li><a href="features/proxyauth.html">Proxy Authentication</a></li> <li><a href="features/replacements.html">Replacements</a></li> <li><a href="features/serverreplay.html">Server-side replay</a></li> <li><a href="features/setheaders.html">Set Headers</a></li> <li><a href="features/sticky.html">Sticky cookies and auth</a></li> <li><a href="features/reverseproxy.html">Reverse proxy mode</a></li> <li><a href="features/upstreamcerts.html">Upstream Certs</a></li> <li class="nav-header">Installing Certificates</li> <li class="active"><a href="ssl.html">Overview</a></li> <li><a href="certinstall/firefox.html">Firefox</a></li> <li><a href="certinstall/osx.html">OSX</a></li> <li><a href="certinstall/windows7.html">Windows 7</a></li> <li><a href="certinstall/ios.html">IOS</a></li> <li><a href="certinstall/ios-simulator.html">IOS Simulator</a></li> <li><a href="certinstall/android.html">Android</a></li> <li class="nav-header">Transparent Proxying</li> <li><a href="transparent.html">Overview</a></li> <li><a href="transparent/linux.html">Linux</a></li> <li><a href="transparent/osx.html">OSX</a></li> <li class="nav-header">Tutorials</li> <li><a href="tutorials/30second.html">Client playback: a 30 second example</a></li> <li><a href="tutorials/gamecenter.html">Setting highscores on Apple's GameCenter</a></li> <li class="nav-header">Scripting mitmproxy</li> <li><a href="scripting/inlinescripts.html">Inline Scripts</a></li> <li><a href="scripting/libmproxy.html">libmproxy</a></li> <li class="nav-header">Hacking</li> <li><a href="dev/testing.html">Testing</a></li> </ul> </div> </div> <div class="span9"> <div class="page-header"> <h1>Overview</h1> </div> <p>The first time <strong>mitmproxy</strong> or <strong>mitmdump</strong> is run, a set of certificate files for the mitmproxy Certificate Authority are created in the config directory (~/.mitmproxy by default). The files are as follows: </p> <table class="table"> <tr> <td class="nowrap">mitmproxy-ca.pem</td> <td>The private key and certificate in PEM format.</td> </tr> <tr> <td class="nowrap">mitmproxy-ca-cert.pem</td> <td>The certificate in PEM format. Use this to distribute to most non-Windows platforms.</td> </tr> <tr> <td class="nowrap">mitmproxy-ca-cert.p12</td> <td>The certificate in PKCS12 format. For use on Windows.</td> </tr> <tr> <td class="nowrap">mitmproxy-ca-cert.cer</td> <td>Same file as .pem, but with an extension expected by some Android devices.</td> </tr> </table> <p>This CA is used for on-the-fly generation of dummy certificates for SSL interception. Since your browser won't trust the <strong>mitmproxy</strong> CA out of the box (and rightly so), you will see an SSL cert warning every time you visit a new SSL domain through <strong>mitmproxy</strong>. When you're testing a single site through a browser, just accepting the bogus SSL cert manually is not too much trouble, but there are a many circumstances where you will want to configure your testing system or browser to trust the <strong>mitmproxy</strong> CA as a signing root authority.</p> <h2>Installing the mitmproxy CA</h2> <ul> <li><a href="certinstall/firefox.html">Firefox</a></li> <li><a href="certinstall/osx.html">OSX</a></li> <li><a href="certinstall/windows7.html">Windows 7</a></li> <li><a href="certinstall/ios.html">iPhone/iPad</a></li> <li><a href="certinstall/ios-simulator.html">IOS Simulator</a></li> <li><a href="certinstall/android.html">Android</a></li> </ul> </div> </div> <hr> <footer> <p>© mitmproxy project, 2013</p> </footer> </div> </body></html>