Certificate Trust
To intercept HTTPS traffic, WePROXA generates a local root Certificate Authority (CA) and installs it in your macOS Keychain. This lets WePROXA decrypt, inspect, and re-encrypt HTTPS traffic transparently.
Setup Process
Section titled “Setup Process”When you first start WePROXA, it automatically generates a root CA certificate unique to your machine. However, to intercept HTTPS traffic, you must install and trust this certificate.
- Open WePROXA and go to Settings → Certificates.
- Click Install to macOS Keychain.
- Enter your macOS password when prompted — the certificate is installed in the System keychain and marked as trusted for SSL/TLS connections.
After this one-time setup, HTTPS interception works seamlessly.
Manual Trust
Section titled “Manual Trust”If you need to manually trust the certificate:
- Open Keychain Access (search in Spotlight)
- Find the WePROXA Root CA certificate in the System keychain (or login keychain if installed for the current user only)
- Double-click it and expand Trust
- Set Secure Sockets Layer (SSL) to Always Trust
- Close and enter your password to confirm
Removing the Certificate
Section titled “Removing the Certificate”To remove WePROXA’s CA certificate:
- Open Keychain Access
- Search for “WePROXA”
- Right-click the certificate and select Delete
Security
Section titled “Security”- The CA certificate is generated locally and never leaves your machine
- The private key is stored securely in the app’s data directory
- Each installation generates a unique certificate
- Removing WePROXA also removes the ability to impersonate any site