HTML |
---|
<div style="background-color: yellow; border: 2px solid red; margin: 4px; padding: 2px; font-weight: bold; text-align: center;">
This page was moved to <a href="https://github.com/CERTCC/tapioca/wiki/Tapioca-Tutorials">https://github.com/CERTCC/tapioca/wiki/Tapioca-Tutorials</a>
<br>
Click in the link above if you are not automatically redirected in 3 seconds.
</div>
<meta http-equiv="refresh" content="3; URL='https://github.com/CERTCC/tapioca/wiki/Tapioca-Tutorials'" />
|
Problem:
After installing the mitmproxy CA certificate in a client system, you get an error in the client application stating that the website certificate is invalid. Depending on the browser used, the errors may include:
- NET::ERR_CERT_DATE_INVALID
- The certificate is not trusted because the issuer certificate has expired.
- This certificate has expired or is not yet valid
Cause:
When CERT Tapioca restarts the mitmproxy capture via mitm.sh
, the .mitmproxy
directory is copied from a static copy provided by Tapioca. This CA certificate expired on July 10, 2016 for CERT Tapioca 1.0.
Solution:
Delete the ~/.mitmproxy
directory:
Code Block | ||
---|---|---|
| ||
rm -rf ~/.mitmproxy |
Modify the ~/.mitm.sh
script to not copy over the ~/.mitmproxy
contents:
Code Block | ||||
---|---|---|---|---|
| ||||
#!/bin/bash
#cp -a ~/.mitmproxy_CA/* ~/.mitmproxy
sudo ~/iptables_mitmproxy.sh
mitmproxy -T -w ~/logs/flows.log |
...