The first time __mitmproxy__ or __mitmdump__ is run, a set of certificate files for the mitmproxy Certificate Authority are created in the config directory (~/.mitmproxy by default). The files are as follows:
mitmproxy-ca.pem The private key and certificate in PEM format.
mitmproxy-ca-cert.pem The certificate in PEM format. Use this to distribute to most non-Windows platforms.
mitmproxy-ca-cert.p12 The certificate in PKCS12 format. For use on Windows.
mitmproxy-ca-cert.cer Same file as .pem, but with an extension expected by some Android devices.
This CA is used for on-the-fly generation of dummy certificates for SSL interception. Since your browser won't trust the __mitmproxy__ CA out of the box (and rightly so), you will see an SSL cert warning every time you visit a new SSL domain through __mitmproxy__. When you're testing a single site through a browser, just accepting the bogus SSL cert manually is not too much trouble, but there are a many circumstances where you will want to configure your testing system or browser to trust the __mitmproxy__ CA as a signing root authority. Installing the mitmproxy CA --------------------------- * [Firefox](@!urlTo("certinstall/firefox.html")!@) * [OSX](@!urlTo("certinstall/osx.html")!@) * [Windows 7](@!urlTo("certinstall/windows7.html")!@) * [iPhone/iPad](@!urlTo("certinstall/ios.html")!@) * [IOS Simulator](@!urlTo("certinstall/ios-simulator.html")!@)