我在使mitmproxy与ec2-api-tools配合使用时遇到麻烦。
在一个终端中,我这样做:
$ mitmproxy -p 8080
在另一项中,我做了:
$ export EC2_JVM_ARGS="-DproxySet=true -DproxyHost=127.0.0.1 -DproxyPort=8080 -Dhttps.proxySet=true -Dhttps.proxyHost=127.0.0.1 -Dhttps.proxyPort=8080"
$ ec2-describe-instances
我收到以下错误:
Unexpected error:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(SSLSessionImpl.java:401)
at org.apache.commons.httpclient.contrib.amazon.ssl.StrictSSLProtocolSocketFactory.verifyHostname(StrictSSLProtocolSocketFactory.java:369)
at org.apache.commons.httpclient.contrib.amazon.ssl.StrictSSLProtocolSocketFactory.createSocket(StrictSSLProtocolSocketFactory.java:241)
at org.apache.commons.httpclient.HttpConnection.tunnelCreated(HttpConnection.java:786)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.tunnelCreated(MultiThreadedHttpConnectionManager.java:1521)
at org.apache.commons.httpclient.HttpMethodDirector.executeConnect(HttpMethodDirector.java:514)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:391)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.codehaus.xfire.transport.http.CommonsHttpMessageSender.send(CommonsHttpMessageSender.java:369)
at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:123)
at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at com.sun.proxy.$Proxy12.describeInstances(Unknown Source)
at com.amazon.aes.webservices.client.Jec2Impl.describeInstances(Jec2Impl.java:1517)
at com.amazon.aes.webservices.client.Jec2Impl.describeInstances(Jec2Impl.java:1492)
at com.amazon.aes.webservices.client.cmd.DescribeInstances.invokeOnline(DescribeInstances.java:58)
at com.amazon.aes.webservices.client.cmd.BaseCmd.invoke(BaseCmd.java:1040)
at com.amazon.aes.webservices.client.cmd.DescribeInstances.main(DescribeInstances.java:67)
我在OS X上运行,并且已配置了钥匙串以信任mitmproxy-ca-cert.pem证书。
最佳答案
感谢Thomas Orozco的回答和this mitmproxy issue:
sudo keytool -importcert -alias mitmproxy -storepass "changeit" \
-keystore /System/Library/Java/Support/CoreDeploy.bundle/Contents/Home/lib/security/cacerts \
-trustcacerts -file ~/.mitmproxy/mitmproxy-ca-cert.pem