If you want to view, modify or execute scripts for HTTPS requests, you must enable the MitM function. Before enabling the MitM function, your device needs to trust the CA certificate that you have self-signed, which can be imported into Stash by the user or generated by Stash.
For data security and privacy reasons, you should never share certificates with others or use CA certificates provided on the Internet.
http: # CA certificate encoded in PKCS #12 format ca: '' # Certificate password ca-passphrase: '' # Domain names list that enables the MitM function. Ensure that the above CA certificate is trusted by the system.
http: # Domain names list that enables the MitM function. Ensure that the above CA certificate is trusted by the system. mitm: - g.cn - '*.google.cn' - weather-data.apple.com # Only opens the 443 port by default - weather-data.apple.com:* # Uses a wildcard to open all ports - '*.weather-data.apple.com' # Wildcards can also be used in domain names
At this point, the MitM configuration is complete.
If you cannot add the CA certificate in the configuration file, you can use the Stash GUI to generate the CA certificate.
- On the Stash homepage, find MitM, select [CA Certificate];
- Click [Stash Generated CA] to generate a new certificate;
- Click [Install Certificate] to install the new certificate;
- Stash will automatically redirect to Safari for certificate installation, click [Allow] to install the new certificate;
- When [Downloaded Profiles] appears, it means that the certificate has been successfully installed;
- On the Stash homepage, find MitM, select [Hostname];
- Enter the domain name you want to add, such as *.google.cn, wildcards can be used in domain names, and click [+] next to it to add it to the MitM list;