Shawn Webb
How the freak do I get #mitmproxy to actually proxy HTTPS traffic from a remote client system? Plaintext HTTP works, but not HTTPS.
Mar 24 at 5:02pmWeb
Show threadForbo2d ago
@lattera @capt8bit is this something you're versed in?
Show threadcapt8bit2d ago

@Forbo @lattera
Some ideas:

1. You can press `E` to view the event log, which will probably tell you what's going on.
2. If the upstream TLS certificate is "invalid", you may need to toggle `ssl_insecure` to `true`, in mitmproxy.
3. I'm sure you already have the mitmproxy certificate installed on the client.

Show threadShawn Webb2d ago

@capt8bit @Forbo OpenBSD's website (which I'm using to test mitmproxy's https bugginess) seems to be properly set up with HTTPS/TLS.

The behavior I'm seeing:

  • burp suite -> mitmproxy -> client site: both http and https works fine and dandy
  • firefox -> mitmproxy -> client site: http works fine, but https does not

    • The event log does show that firefox requested to connect to www.openbsd.org:443. But, it goes silent after that.

    Show threadShawn Webb2d ago

    @capt8bit @Forbo both firefox and burp suite are on the same system (a Windows 11 host). mitmproxy is deployed on a Debian VM.

    The command I ran:

    $ ./mitmproxy --listen-host=0.0.0.0 --listen-port=8080

    As far as I can tell, that should be all that's needed. But firefox still seems unhappy with https.

    Show threadShawn Webb2d ago

    @capt8bit @Forbo

    Absolutely randomly: mitmproxy decided to start working. I didn't do anything except for hit the refresh button in firefox.

    Glitch in the matrix?

    Show threadcapt8bit2d ago

    @lattera @Forbo
    Quite possibly a glitch in the matrix. That is strange.
    I use a similar setup often, and just tried again right now without issue. 👍🏼

    In my heart though, I'm still going to blame Windows. 😜