Certificate Trust
To intercept HTTPS traffic, Weproxa generates a local root Certificate Authority (CA) and installs it in your macOS Keychain. This lets Weproxa decrypt, inspect, and re-encrypt HTTPS traffic transparently.
Setup Process
Section titled “Setup Process”When you first start Weproxa, it automatically generates a root CA certificate unique to your machine. However, to intercept HTTPS traffic, you must install and trust this certificate.
- Open Weproxa go to Settings -> Certificates
- Click Install to macOS Keychain
- Prompt for your password to install it in the macOS Keychain and mark it as trusted for SSL/TLS connections
After this one-time setup, HTTPS interception works seamlessly.
Manual Trust
Section titled “Manual Trust”If you need to manually trust the certificate:
- Open Keychain Access (search in Spotlight)
- Find the WePROXA Root CA certificate in the System keychain (or login keychain if installed for the current user only)
- Double-click it and expand Trust
- Set Secure Sockets Layer (SSL) to Always Trust
- Close and enter your password to confirm
Removing the Certificate
Section titled “Removing the Certificate”To remove Weproxa’s CA certificate:
- Open Keychain Access
- Search for “WePROXA”
- Right-click the certificate and select Delete
Security
Section titled “Security”- The CA certificate is generated locally and never leaves your machine
- The private key is stored securely in the app’s data directory
- Each installation generates a unique certificate
- Removing Weproxa also removes the ability to impersonate any site