Custom certificate

liran · January 30, 2018, 5:56pm

when I am trying to sniff the domain I am interested in, there is the client handshake failed event.
I have the domain Certificate.

how can I know that --cert is really working and the requests to the domain are made with the Certificate I have? since it still does not work I am not sure why.
what is the difference between this and client side certificate? How can I know which I need to use?

please assist

mhils · January 30, 2018, 6:21pm

Hi,

Regarding your first point, it’s probably best to use WireShark and see what exactly happens on the wire. The certificate should be included in the ServerHello.
Regarding your second question: On the internet, your browser/app usually verifies the identity of the server using the (server) certificate, and the server authenticates you via some other means (e.g. a login form and then cookies).
TLS also supports “client certificates”, where the client shows a certificate to the server to verify its identity. While technically nice, this is quite uncommon. If you don’t know what you’re dealing with, you are very very likely dealing with a server certificate.

TL;DR: Server Certificate = certificate key resides on server, Client Certificate = certificate key resides on client.

liran · February 5, 2018, 2:45pm

thanks.
I see on WireShark alert - Certificate unknown
do you know what does it mean?

if there is a mitmproxy string in the certificate it means it didnt use my certificate?

is there a specific folder in which my certificate should be in?

Topic		Replies	Views
Use mitmproxy to add cert pinning to an app help	1	1395	May 30, 2018
IP address as interception certificate's CN help	1	853	May 30, 2017
HTTPS Sniffing on Android (Certificate Pinning)	4	14189	January 31, 2018
[Mitmproxy] Android Apps help	1	934	November 29, 2017
IP for the CN using mitmproxy in transparent mode	1	750	May 16, 2018

Custom certificate

Related Topics