My work place intercepts SSL connections, looks at their contents, and then passes the data to and from my machine and remote hosts – a kind of man-in-the-middle attack. This is not uncommon in corporate or enterprise environments.
Now I have a virtual machine running on my computer. The virtual machine does not have the certificates the actual machine has which enable the MITM to work transparently. As a result, I get this message:
What can I do to resolve this?
Solution:
First thing’s first:
DO NOT DO THE FOLLOWING IF YOU DO NOT TRUST THE CERTIFICATE ISSUER
Doing this allows a man-in-the-middle to see all of your communications. This fix should only be employed if you are in a situation which warrants it, not if you’re sitting at a coffee shop and having problems connecting to things.
That said…
The first step is to acquire the certificate of the MITM.
To do so, click the little HTTPS lock and hit details:
Click “View Certificate” in the dialog that comes up.
Hit “Details” in the Certificate viewer and select the top certificate, which should be from an address other than the one you were trying to get to (see picture):
Then hit “Export” and save the certificate file.
Now, go to Settings → Advanced → Manage Certificates… → Authorities
And hit “Import”. Select the certificate file you saved previously and hit all of the check boxes that appear, authorizing it to certify everything.
