Alternatives to using a CA certificate

Question

Is there an alternative to installing a CA SSL certificate for intercepting traffic for only one site?

I don't like the idea of being able to modify any request, and would like to technically limit it to one domain only, is this possible or if using a MITM do you need to trust the MITM with everything?

Example: You are intercepting all calls to testing site example.com for development reasons, so to dogfood you install a CA certificate onto the devices of the testers. Now you can intercept all domains. The testers dislike this as it invades their privacy.

Is there a way instead to use a certificate installed on devices that will only work for example.com without modifying the certificate given out by the site, or handing over the actual certificate of example.com to mitmproxy?

The question is unclear to me. Could you please explain the issue a bit more? It is unclear why mitm is the tool of choice to solve the issue. — rvaneijk, Jul 30 '15 at 07:53
As far as I know, you either route all traffic through the proxy, or you use the network without a proxy. — rvaneijk, Aug 01 '15 at 08:15

score 1 · Answer 1 · answered Aug 01 '15 at 08:16

As far as I know, you either route all traffic through the proxy, or you use the network without a proxy. To make the (re)configuration of the network settings easy, a mobile app like proxydroid or a browser extension such as foxyproxy may work for you.

Alternatives to using a CA certificate

1 Answers1