IP address as interception certificate's CN


#1

While sniffing traffics of Android apps with transparent mode, the CN of the interception certificate will be assigned with IP address instead of CN of the upstream certificate and failed client’s hostname verification, this was not what I expected since the docs say upstream cert sniffing is on by default to generate correct certificates. I can use a custom certificate to get through the verification, but I still want to know if this is the right behaviour that mitmproxy should have, if it is not what probably could be the cause and what should I do to make it generating correct certificates to pass the verification. Thanks.


#2

Update: Just found out that the problem will not happen in mitmproxy v0.15. (will happen in mitmproxy v2.0.2)