Possible way to test TSL/SSL interception?

Possible solutions to test for TSL/SSL interception and key store intergerity

I am assuming you mean TLS, I don’t know how to test the key store integrity or what you mean with it, but I would check for MITM by accessing the service through Tor and comparing the certificate I receive to the one I see locally. The best would be having a reliable channel to the admin and being able to ask what is the correct certificate.

There are also projects like EFF SSL Observatory that can potentially help, but I don’t know how to use it anymore. Before the time of webextensions, it was integrated to HTTPS Everywhere.

When governments openly MITM what could go wrong? also reminds me of RIPE atlas that Censored Planed used to detect the Kazakhstan MITM certificate.

Thank you. That help, is it still integrated in HTTPS Everywhere It would be cool to check the integrity of the key store

1 Like