abhinavsingh / proxy.py

💫 Ngrok FRP Alternative • ⚡ Fast • 🪶 Lightweight • 0️⃣ Dependency • 🔌 Pluggable • 😈 TLS interception • 🔒 DNS-over-HTTPS • 🔥 Poor Man's VPN • ⏪ Reverse & ⏩ Forward • 👮🏿 "Proxy Server" framework • 🌐 "Web Server" framework • ➵ ➶ ➷ ➠ "PubSub" framework • 👷 "Work" acceptor & executor framework
https://abhinavsingh.com/proxy-py-a-lightweight-single-file-http-proxy-server-in-python/
BSD 3-Clause "New" or "Revised" License
2.91k stars, 568 forks

problem certificate ssl #1326

Open Y-GM opened 1 year ago

Y-GM commented 1 year ago

Describe the bug

I installed the SSL certificate, but some sites accept it and others do not
[https://i.imgur.com/NrCoLJy.png]

To Reproduce

Steps to reproduce the behavior:

python -m proxy.common.pki gen_private_key --private-key-path ca-key.der
python -m proxy.common.pki remove_passphrase --private-key-path ca-key.der
python -m proxy.common.pki gen_public_key --private-key-path ca-key.der --public-key-path ca-cert.der
python -m proxy.common.pki gen_private_key --private-key-path ca-signing-key.der
python -m proxy.common.pki remove_passphrase --private-key-path ca-signing-key.der

  1. Run "proxy --plugins proxy.plugin.CacheResponsesPlugin --ca-key-file ca-key.der --ca-cert-file ca-cert.der --ca-signing-key-file ca-signing-key.der"
  2. Do 'ssl.SSLError: [X509: KEY_VALUES_MISMATCH] key values mismatch (_ssl.c:3895)' to trigger error
  3. https://i.imgur.com/2vFZt4s.png

Version information

Screenshots

[https://i.imgur.com/NrCoLJy.png]

abhinavsingh commented 1 year ago

@Y-GM Certain clients will perform a server signature verification and reject the response if the signature doesn't match. Clients may even have these server signatures hardcoded, or they may use an out-of-band mechanism for server certificate verification. Irrespective, in such scenarios you may end up seeing the above errors.

Quoting from a SO thread https://stackoverflow.com/a/41658160

[Image: Screenshot 2023-04-02 at 8 42 51 PM]

In our case, the client is the browser and proxy.py is acting as a server (TLS interception). If the client wishes, it can check the server signature and deduce that the response received from proxy.py (server) doesn't match its expectations.
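
Added example, not part of the thread or of proxy.py's code: a sketch of the client-side check described in the reply above, where a client compares the certificate it is served against a hardcoded value. It assumes the pin is the SHA-256 fingerprint of the whole leaf certificate (real clients often pin the public key instead); the function names and the sample byte strings are constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(der_cert):
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def matches_pin(der_cert, pins):
    """True if the certificate's fingerprint equals one of the pinned values.

    Pins may be written as plain hex or colon-separated, in any case.
    """
    seen = fingerprint(der_cert)
    normalised = (p.lower().replace(":", "") for p in pins)
    return any(hmac.compare_digest(seen, p) for p in normalised)


def check_server(host, port, pins, cafile=None, timeout=5.0):
    """Connect, validate the chain as usual, then apply the pin check.

    With an intercepting CA installed in the trust store (or passed as
    cafile), chain validation succeeds, yet the leaf served is one minted
    by the interceptor, so the pin comparison below returns False.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return matches_pin(tls.getpeercert(binary_form=True), pins)


# Constructed stand-ins for DER certificates; only their hashes matter here.
ORIGIN_CERT = b"constructed sample: leaf certificate served by the origin"
INTERCEPT_CERT = b"constructed sample: leaf certificate minted by the interceptor"
PINS = {fingerprint(ORIGIN_CERT)}  # value a pinning client would ship with


def demo():
    """Pin check result for the origin's leaf and for the intercepted leaf."""
    return matches_pin(ORIGIN_CERT, PINS), matches_pin(INTERCEPT_CERT, PINS)


if __name__ == "__main__":
    print(demo())
```

A client that applies this kind of check rejects the connection even though the interception CA is trusted, which is why some sites load through the proxy and others do not.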