Using mitmproxy with its own certificate and private key is fairly straightforward. It is also easy to make mitmproxy work with a self-signed certificate. But my question is about making it work with a certificate bought from a trusted CA.
Imagine I bought an SSL certificate and key pair from a known CA, like Digicert. When I buy it, I specify a domain name for which I intend to use that certificate, say johnshomepage.com.
Is it theoretically possible to configure mitmproxy to work with this certificate & key pair? If not, why?
Thanks in advance.
This is perfectly doable. You can use your own (leaf) certificate by passing the
--cert [domain=]path_to_certificate
option to mitmproxy.More details are in the documentation: https://docs.mitmproxy.org/stable/concepts-certificates/#using-a-custom-server-certificate