We pass --certs tests/keys/mitmproxy-ca.pem, but --certs is for specifying website certs, not CA certs, so it's ignored and the user-wide ~/.mitmproxy/mitmproxy-ca.pem is used instead. We should either fix the way we specify the CA cert or (if that allows not using a CA cert at all) provide a website cert instead of a CA cert.
Yeah, that looks like the solution for the first option, though it notably takes a dir, not a file (but just passing tests/keys is unlikely to be problematic).
We pass
--certs tests/keys/mitmproxy-ca.pem
, but--certs
is for specifying website certs, not CA certs, so it's ignored and the user-wide~/.mitmproxy/mitmproxy-ca.pem
is used instead. We should either fix the way we specify the CA cert or (if that allows not using a CA cert at all) provide a website cert instead of a CA cert.