Can mitmproxy displays client certificate used by client?

peat-psuwit · August 21, 2018, 7:23pm

I’m trying to understand a protocol which uses client certificate as the authentication mechanism (in particular, the protocol is MS-MDM). So, I successfully use mitmproxy to intercept the conversation from the client. However, in the “Detail” tab, there’s no information about client certificate, only server certificate. So, I can’t verify if the protocol actually uses a client certificate and which certificate is used.

So, my question is:

Does mitmproxy save & display information about client certificate?
If 1. is true, does the absence of “client certificate” section imply that there’s no client certificate used?
Can I config mitmproxy to make it displays an explicit message if there’s no client certificate?

mhils · September 6, 2018, 2:59pm

Hi,

Does mitmproxy save & display information about client certificate?

We do store it, but we may not display it. Adding that in the UI should be relatively straightforward:

github.com

mitmproxy/mitmproxy/blob/b7aa325bfe9e392f5f5089a0b6be648e7ccaf6d7/mitmproxy/connections.py#L22


      
          from mitmproxy.utils import strutils
          
          
          class ClientConnection(tcp.BaseHandler, stateobject.StateObject):
              """
              A client connection
          
              Attributes:
                  address: Remote address
                  tls_established: True if TLS is established, False otherwise
                  clientcert: The TLS client certificate
                  mitmcert: The MITM'ed TLS server certificate presented to the client
                  timestamp_start: Connection start timestamp
                  timestamp_tls_setup: TLS established timestamp
                  timestamp_end: Connection end timestamp
                  sni: Server Name Indication sent by client during the TLS handshake
                  cipher_name: The current used cipher
                  alpn_proto_negotiated: The negotiated application protocol
                  tls_version: TLS version
                  tls_extensions: TLS ClientHello extensions
              """

github.com

mitmproxy/mitmproxy/blob/b7aa325bfe9e392f5f5089a0b6be648e7ccaf6d7/mitmproxy/tools/console/flowdetailview.py

import urwid

from mitmproxy import http
from mitmproxy.tools.console import common, searchable
from mitmproxy.utils import human
from mitmproxy.utils import strutils


def maybe_timestamp(base, attr):
    if base is not None and getattr(base, attr):
        return human.format_timestamp_with_milli(getattr(base, attr))
    else:
        return "active"


def flowdetails(state, flow: http.HTTPFlow):
    text = []

    sc = flow.server_conn
    cc = flow.client_conn

This file has been truncated. show original

No, see 1
Yes, see code linked above. A PR that adds support for displaying it would be appreciated!

Topic		Replies	Views
Problem and Questions regarding client certificates help	4	1536	April 30, 2018
Programatically determine if mitmproxy certificate has been installed	4	1320	July 28, 2017
Is there a way to install mitmproxy certificates on client when starting? help	0	929	May 3, 2019
CA issue with client certificate help	4	3062	February 1, 2018
How to use own certificates in mitmproxy help	1	5768	June 10, 2016

Can mitmproxy displays client certificate used by client?

Related Topics