LOGBOOK

HELP

Quiz Entry - updated: 2026.05.31

If an intercepting proxy's root certificate is not installed on the client, what does the user see, and why?

The browser shows a certificate warning ("not trusted" / "your connection is not private"), because the proxy's on-the-fly certificate chains to a CA the client doesn't trust.

The proxy still presents a certificate for the site, but it's signed by the proxy's own CA. Since that CA isn't in the client's trust-anchor store, the certification path can't reach a trusted root, so validation fails and the client warns the user.

This warning is the trust model working as designed — it's the last line of defence telling you "someone is vouching for this site that I don't recognise." Clicking through it deliberately lowers your own protection.

Tip: Certificate warnings aren't bureaucratic noise — each one means the chain of trust broke. On a site you don't control, that's a genuine red flag, not something to bypass.

From Quiz: ISF / Intercepting & Proxy Tools | Updated: May 31, 2026