mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-28 18:50:42 +00:00
docs: requirements for custom mitmproxy-ca.pem (#4601)
* docs: requirements for custom mitmproxy-ca.pem * docs: fix typos
This commit is contained in:
parent
8af4055e3b
commit
01c18c109b
@ -151,6 +151,27 @@ mitmproxy. Mitmproxy will then look for `mitmproxy-ca.pem` in the
|
||||
specified directory. If no such file exists, it will be generated
|
||||
automatically.
|
||||
|
||||
The `mitmproxy-ca.pem` certificate file has to look roughly like this:
|
||||
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
<private key>
|
||||
-----END PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
<cert>
|
||||
-----END CERTIFICATE-----
|
||||
|
||||
When looking at the certificate with
|
||||
`openssl x509 -noout -text -in ~/.mitmproxy/mitmproxy-ca.pem`
|
||||
it should have at least the following X509v3 extensions so mitmproxy can
|
||||
use it to generate certificates:
|
||||
|
||||
X509v3 extensions:
|
||||
X509v3 Key Usage: critical
|
||||
Certificate Sign
|
||||
X509v3 Basic Constraints: critical
|
||||
CA:TRUE
|
||||
|
||||
|
||||
## Using a client side certificate
|
||||
|
||||
You can use a client certificate by passing the `--set client_certs=DIRECTORY|FILE`
|
||||
|
Loading…
Reference in New Issue
Block a user