Avoid invalid ssl certificate popup ?

**ronin101** · 06-07-2011, 09:00 AM

Is there a tool or a method to avoid the "invalid certificate" browser popup when sniffing ssl traffic ?

I've expiremented with ettercap and webmitm and also sslstrip

But I'm wondering if it's possible to keep the ssl connection (not like sslstrip) and yet sniff the traffic without the warning ?
Could it be possible to put our own face certificate on the victim's machine to avoid further popup ? I'm interested in any method practical or theoretical.

Thanks

**Stan464** · 07-24-2011, 04:24 PM

Don't think so, depending on the browser of choice, it will warn the user that the certificate is possibly fraudulent, you could try by adding your own SSL Details, i know there's an option for it somewhere, but you will need to set a generic one for soemthing like "Verisign" but it may or may not work.

BackTrack Linux - Penetration Testing Distribution

Thread: Avoid invalid ssl certificate popup ?

Thread Tools

Search Thread

Display

Avoid invalid ssl certificate popup ?

Re: Avoid invalid ssl certificate popup ?

Similar Threads

DHCP: [192.168.1.1] ACK : 0.0.0.0 invalid GW invalid

Wicd message popup.

krandrtray popup

wiki.remote-exploit.org uses an invalid security certificate ????

avoid loging on router

Posting Permissions