Can I use an SSL certificate from a trusted CA on mitmproxy?

1.9k views Asked by At

Using mitmproxy with its own certificate and private key is fairly straightforward. It is also easy to make mitmproxy work with a self-signed certificate. But my question is about making it work with a certificate bought from a trusted CA.

Imagine I bought an SSL certificate and key pair from a known CA, like Digicert. When I buy it, I specify a domain name for which I intend to use that certificate, say johnshomepage.com.

Is it theoretically possible to configure mitmproxy to work with this certificate & key pair? If not, why?

Thanks in advance.

1

There are 1 answers

1
Maximilian Hils On

This is perfectly doable. You can use your own (leaf) certificate by passing the --cert [domain=]path_to_certificate option to mitmproxy.

More details are in the documentation: https://docs.mitmproxy.org/stable/concepts-certificates/#using-a-custom-server-certificate