Docs, minor cert tweaks.

4 files changed, 50 insertions, 16 deletions

diff --git a/doc-src/certinstall/chrome.html b/doc-src/certinstall/chrome.html
deleted file mode 100644
index e69de29b..00000000
--- a/doc-src/certinstall/chrome.html
+++ /dev/null
diff --git a/doc-src/certinstall/index.py b/doc-src/certinstall/index.py
index 3dee24ec..bf115ff8 100644
--- a/doc-src/certinstall/index.py
+++ b/doc-src/certinstall/index.py
@@ -2,9 +2,9 @@ from countershape import Page
 
 pages = [
     Page("firefox.html", "Firefox"),
-    Page("chrome.html", "Chrome"),
     Page("safari.html", "Safari"),
     Page("ie.html", "Internet Explorer"),
+    Page("osx.html", "OSX"),
     Page("windows7.html", "Windows 7"),
     Page("ios.html", "IOS"),
 ]
diff --git a/doc-src/certinstall/osx.html b/doc-src/certinstall/osx.html
new file mode 100644
index 00000000..bcb72f50
--- /dev/null
+++ b/doc-src/certinstall/osx.html
@@ -0,0 +1,15 @@
+
+### 1: Open Finder, and double-click on the mitmproxy ca.pem file.
+
+
+### 2: You will be prompted to add the certificate. Click "Add": 
+
+<img src="@!urlTo('osx-addcert.png')!@"/>
+
+### 3: Click "Always Trust": 
+
+<img src="@!urlTo('osx-addcert-alwaystrust.png')!@"/>
+
+You may be prompted for your password. You should now see the mitmproxy cert
+listed under "Certificates".
+
diff --git a/doc-src/certinstall/windows7.html b/doc-src/certinstall/windows7.html
index 16d3f611..b8632d56 100644
--- a/doc-src/certinstall/windows7.html
+++ b/doc-src/certinstall/windows7.html
@@ -1,21 +1,40 @@
 
-<p> Here's a quick and easy procedure you can use for Windows 7, as long as
-the app in question uses the global Windows certificate repository. </p>
+The Windows certificate manager expects a different certificate format from the
+one used by mitmproxy. The easiest way to convert the cert to the appropriate
+format is to use the Firefox web browser.
+
+
+### 1: Make sure Firefox is installed on the system.
+
+### 2: Fire up mitmproxy on the interception host. 
+
+### 3: Configure Firefox to use the mitmproxy interceptor.
+
+### 4: Using Firefox, browse to an SSL-protected domain. You will see a warning: 
+
+
+### 5: Click "I understand the risks" and "Add Exception":
+
+
+### 6: Click "Get certificate", "View", and switch to the "Details" tab:
+
+
+### 7: Click "Export", and save the certificate in "X.509 Certificate (PEM)" format:
+
+
+### 8: Next, start a command prompt, and type "certmgr" to start the Certificate Manager:
+
+
+### 9: From the top menu, select "Action", "All tasks", and then "Import":
+
+
+### 10: Click "Next", and browse to select the cert we just exported from Firefox:
+
+
+### 11: Click "Next", and "Finish" to complete the import. Accept all warning prompts.
+
 
-<ul>
 
-    <li> Fire up MITMProxy, and configure Firefox on the Windows box to use
-    it. Browse to the target domain, and you should see a big warning about
-    an untrusted certificate. Use Firefox to export the certificate ("Add
-    Exception", "Get Certificate", then "View", tab to "Details" and click
-    "Export").  </li>
 
-    <li> From the command console, fire up <b>certmgr</b>. Select "Trusted
-    Root Certification Authorities", then on the top menu, "Action", "All
-    Tasks", and "Import". When prompted, select the certificate file you've
-    just saved from Firefox.</li>
 
-    <li> And that's it - your certificate should now be trusted for that
-    domain. Happy pentesting.</li>
 
-</ul>