You need to get a root certificate in place for mitmproxy. The easy way to do
that is to just run mitmproxy
and exit. The certificate can then be found at
~/.mitmproxy/mitmproxy-ca.pem
.
After having generated the certificate you can import it into MacOS keychain and then syncing the Keychain with the openssl cert.pem
You can do that by running ./install-cert.sh
that is found in this gist.
Now you can launch mitmproxy
in one terminal.
Opening up another terminal set the appropriate proxy and CA_CERT environment variables
with eval "$(./mitmproxy-env.sh)"
Now running a command you will see the requests the command is making in the mitmproxy tui.
- Chrome: automatically picks up certificates from the MacOS keychain.
- Firefox: accoring to the support docs you need to set
security.enterprise_roots.enabled=true
inabout:config
- you can also do it with enterprise policies:
mkdir /Applications/Firefox.app/Contents/Resources/distribution jq --null-input '.policies.Certificates.ImportEnterpriseRoots |= true' > /Applications/Firefox.app/Contents/Resources/distribution/policies.json
- you can also do it with enterprise policies: