when I am trying to sniff the domain I am interested in, there is the client handshake failed event.
I have the domain Certificate.
- how can I know that --cert is really working and the requests to the domain are made with the Certificate I have? since it still does not work I am not sure why.
- what is the difference between this and client side certificate? How can I know which I need to use?
Regarding your first point, it’s probably best to use WireShark and see what exactly happens on the wire. The certificate should be included in the ServerHello.
Regarding your second question: On the internet, your browser/app usually verifies the identity of the server using the (server) certificate, and the server authenticates you via some other means (e.g. a login form and then cookies).
TLS also supports “client certificates”, where the client shows a certificate to the server to verify its identity. While technically nice, this is quite uncommon. If you don’t know what you’re dealing with, you are very very likely dealing with a server certificate.
TL;DR: Server Certificate = certificate key resides on server, Client Certificate = certificate key resides on client.
I see on WireShark alert - Certificate unknown
do you know what does it mean?
if there is a mitmproxy string in the certificate it means it didnt use my certificate?
is there a specific folder in which my certificate should be in?