Recently I started playing around with SSL MiTM. I am an Information Securiy student and using ettercap in one of my projects and am stuck at one point. The goal of my project is to have ettercap MiTM and then send below variations of certs:
1. Unknown issuer
2. Expired cert
3. Revoked cert
and then test if the client throws an exception.
Unknown issuer is fine and I can get it done using etter.ssl.crt. However, I dont know how to use expired cert?? It might be fine to have an expired CA as well (i.e. expired etter.ssl.crt which signs on the fly certs)
I am stuck at this point and dont know how to go ahead. Can anybody please guide me?