Can mitmproxy displays client certificate used by client?


#1

I’m trying to understand a protocol which uses client certificate as the authentication mechanism (in particular, the protocol is MS-MDM). So, I successfully use mitmproxy to intercept the conversation from the client. However, in the “Detail” tab, there’s no information about client certificate, only server certificate. So, I can’t verify if the protocol actually uses a client certificate and which certificate is used.

So, my question is:

  1. Does mitmproxy save & display information about client certificate?
  2. If 1. is true, does the absence of “client certificate” section imply that there’s no client certificate used?
  3. Can I config mitmproxy to make it displays an explicit message if there’s no client certificate?

#2

Hi,

  1. Does mitmproxy save & display information about client certificate?

We do store it, but we may not display it. Adding that in the UI should be relatively straightforward:


  1. No, see 1
  2. Yes, see code linked above. A PR that adds support for displaying it would be appreciated! :smiley: