diff --git a/doc-src/_nav.html b/doc-src/_nav.html
index 91d2118fe..3efff40ba 100644
--- a/doc-src/_nav.html
+++ b/doc-src/_nav.html
@@ -29,8 +29,7 @@
- $!nav("ssl.html", this, state)!$
- $!nav("certinstall/webapp.html", this, state)!$
+ $!nav("certinstall/ssl.html", this, state)!$
$!nav("transparent.html", this, state)!$
diff --git a/doc-src/certinstall/index.py b/doc-src/certinstall/index.py
index fd422cb3e..67e6185b8 100644
--- a/doc-src/certinstall/index.py
+++ b/doc-src/certinstall/index.py
@@ -1,6 +1,6 @@
from countershape import Page
pages = [
- Page("webapp.html", "Using the Web App"),
+ Page("ssl.html", "SSL Options"),
Page("mitm.it-error.html", "Error: No proxy configured"),
]
diff --git a/doc-src/certinstall/webapp.html b/doc-src/certinstall/webapp.html
deleted file mode 100644
index 478da96cb..000000000
--- a/doc-src/certinstall/webapp.html
+++ /dev/null
@@ -1,13 +0,0 @@
-
-By far the easiest way to install the mitmproxy certs is to use the built-in
-web app. To do this, start mitmproxy and configure your target device with the
-correct proxy settings. Now start a browser on the device, and visit the magic
-domain **mitm.it**. You should see something like this:
-
-
-
-Just click on the relevant icon, and then follow the setup instructions
-for the platform you're on.
-
-Make sure you aren't using a bandwith optimizer (like Google's Data Compression
-Proxy on Chrome for Android) or the page will not load.
diff --git a/doc-src/index.py b/doc-src/index.py
index 753f90a5c..1c1203f86 100644
--- a/doc-src/index.py
+++ b/doc-src/index.py
@@ -67,7 +67,6 @@ pages = [
Page("mitmdump.html", "mitmdump"),
Page("config.html", "configuration"),
- Page("ssl.html", "Overview"),
Directory("certinstall"),
Directory("scripting"),
Directory("tutorials"),
diff --git a/doc-src/ssl.html b/doc-src/ssl.html
deleted file mode 100644
index cccde1b78..000000000
--- a/doc-src/ssl.html
+++ /dev/null
@@ -1,91 +0,0 @@
-
-The first time __mitmproxy__ or __mitmdump__ is run, a set of certificate files
-for the mitmproxy Certificate Authority are created in the config directory
-(~/.mitmproxy by default). This CA is used for on-the-fly generation of dummy
-certificates for SSL interception. Since your browser won't trust the
-__mitmproxy__ CA out of the box (and rightly so), you will see an SSL cert
-warning every time you visit a new SSL domain through __mitmproxy__. When
-you're testing a single site through a browser, just accepting the bogus SSL
-cert manually is not too much trouble, but there are a many circumstances where
-you will want to configure your testing system or browser to trust the
-__mitmproxy__ CA as a signing root authority.
-
-
-CA and cert files
------------------
-
-The files created by mitmproxy in the .mitmproxy directory are as follows:
-
-
-
- | mitmproxy-ca.pem |
- The private key and certificate in PEM format. |
-
-
- | mitmproxy-ca-cert.pem |
- The certificate in PEM format. Use this to distribute to most
- non-Windows platforms. |
-
-
- | mitmproxy-ca-cert.p12 |
- The certificate in PKCS12 format. For use on Windows. |
-
-
- | mitmproxy-ca-cert.cer |
- Same file as .pem, but with an extension expected by some Android
- devices. |
-
-
-
-
-Using a custom certificate
---------------------------
-
-You can use your own certificate by passing the --cert option to mitmproxy. mitmproxy then uses the provided
-certificate for interception of the specified domains instead of generating a cert signed by its own CA.
-
-The certificate file is expected to be in the PEM format.
-You can include intermediary certificates right below your leaf certificate, so that you PEM file roughly looks like
-this:
-
-
------BEGIN PRIVATE KEY-----
-<private key>
------END PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-<cert>
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-<intermediary cert (optional)>
------END CERTIFICATE-----
-
-
-For example, you can generate a certificate in this format using these instructions:
-
-
-> openssl genrsa -out cert.key 8192
-> openssl req -new -x509 -key cert.key -out cert.crt
- (Specify the mitm domain as Common Name, e.g. *.google.com)
-> cat cert.key cert.crt > cert.pem
-> mitmproxy --cert=cert.pem
-
-
-Using a client side certificate
-------------------------------------
-You can use a client certificate by passing the --client-certs DIRECTORY option to mitmproxy.
-If you visit example.org, mitmproxy looks for a file named example.org.pem in the specified directory
-and uses this as the client cert. The certificate file needs to be in the PEM format and should contain
-both the unencrypted private key as well as the certificate.
-
-
-Using a custom certificate authority
-------------------------------------
-
-By default, mitmproxy will (generate and) use ~/.mitmproxy/mitmproxy-ca.pem as the default certificate
-authority to generate certificates for all domains for which no custom certificate is provided (see above).
-You can use your own certificate authority by passing the --confdir option to mitmproxy.
-mitmproxy will then look for mitmproxy-ca.pem in the specified directory. If no such file exists,
-it will be generated automatically.
-
-
-
diff --git a/doc-src/tutorials/gamecenter.html b/doc-src/tutorials/gamecenter.html
index d192232c0..8d2e9bc5c 100644
--- a/doc-src/tutorials/gamecenter.html
+++ b/doc-src/tutorials/gamecenter.html
@@ -3,7 +3,7 @@
In this tutorial, I'm going to show you how simple it is to creatively
interfere with Apple Game Center traffic using mitmproxy. To set things up,
-you must install the [mitmproxy root certificate](@!urlTo("certinstall/webapp.html")!@). I then
+you must install the [mitmproxy root certificate](@!urlTo("certinstall/ssl.html")!@). I then
started mitmproxy on my desktop, and configured the iPhone to use it as a
proxy.