Problem and Questions regarding client certificates


#1

Hello,

I am new to mitmproxy and I have a couple of questions regarding client certificates. I made sure to google first/search to forum --> didn’t find the right answers (If I missed them though pls link :)).

a) Is there a function that exports the on-the-fly generated certificates, if I want to use them, for example, in an addon?
b) Are those on-the-fly generated certificates stored somewhere. (To inspect them at a later point)
c) As I should be able to specify a directory for my client certificates, does mitmproxy load that directory once (in the beginning) or does mitmproxy load the directory/certificate when needed --> implying it is possible to save a certificate into that folder while mitmproxy is already running, mitmproxy still will accept that new certificate?

To my problems: I can run ./mitmproxy --mode transparent without a problem, if I want to run ./mitmproxy --mode transparent --client-certs ~/mycertificates though i get the following error:

mitmproxy: error: unrecognized arguments: --client-certs /home/p1uymi/mycertificates

–client-certs is deprecated.
Please use --set client_certs=value instead.

How am I able to fix this? do I use the commands wrong?

With best regards,
PM


#2

Update on my Problem: I solved it :smiley:

Apperently the –clients-certs is the v2 way, for v3 i had to use –set client_certs=~/mycertificates in order to get it running.

That needs to be adapted in the Documentation for v3 :slight_smile: (https://docs.mitmproxy.org/stable/concepts-certificates/)

With bes regards,
PM


#3

Ah, thanks! Would you mind submitting a PR that fixes this? :smiley: There’s an “Edit on GitHub” button on the top right of each documentation page. :blush:


#4

Perfekt, created the PR.

As I wasn’t able to find any answer to my questions above yet, could you provide any? Especially if it is possible to modify the on-the-fly generated certificates (or at least inspect them at a later point) or not :thinking: Wasn’t able to find that out yet :smiley:


#5

I solved my ‘c’ question, still haven’t found any answer to them, if anyone could give insight on those, i would be super happy.

a) Is there a function that exports the on-the-fly generated certificates, if I want to use them, for example, in an addon?
b) Are those on-the-fly generated certificates stored somewhere. (To inspect them at a later point)

Cheers.