Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

If you want to intercept and read HTTPS traffic, you'll need a proxy that reencrypts the traffic. mitmproxy or sslsplit can do that for you, provided you can install custom CA certificate on the devices. Be careful though, this could be a huge security issue.

There are several ways to set it up. The easiest is to just have it running on a machine somewhere on the network, and configure each device to use said HTTP proxy.

However this can easily be bypassed by modifying the wifi proxy setting. The surefire way to redirect all traffic through it is to run it in transparent mode. In that case, you need to put the proxy in the network chain, so it most likely means you need a separate wifi for those devices, and a computer with two network interfaces to run the proxy. (Actually it can work with just one device like a raspberry pi, but that's quite a lot of configuration.)

Before doing any of that, make sure you understand 1. the implications of installing a custom CA certificate and 2. the basics of network routing.