I’ve set up an OpenVPN server (TCP connection).
After the traffic passes through the VPN, I redirect port 80/443 to 8080 (iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 80 -j REDIRECT --to-port 8080) (also ip6tables) (tun0 is the VPN gateway).
(Mitmproxy is working explicitly (installed the cert, etc.))
Then I start mitm with --mode transparent --showhost (also tried --ssl-insecure).
Most traffic passes through normally, but some sites give a lot of warnings:
1- Client Handshake failed. The client may not trust the proxy’s certificate for xxxx.
2- Certificate verification error for xxx: unable to get local issuer certificate(errno:20, depth: 1)
3- Invalid certificate, closing connection
4- (just a few) Cannot establish TLS with xxx:443(sni:xxx): TlsException(“SSL handshake error:SysCallError(104, ‘ECONNRESET’)”,)
What have I done wrong? Do I need to replace the OpenVPN certificates with the mitm certificate?
PS: I’m probably just dumb.