Here’s quick tutorial on how to create a firefox profile and then set it up to proxy through ZAP as well as importing a certificate to avoid firefox warnings because your SSL session is being intercepted.

 

First open ZAP, click the gear icon or click Tools > Options.

Then click the Dynamic SSL Certifcates tab and then save the certificate.

ZAPDynamicCert
ZAP Dynamic Cert

Close all your Firefox windows and then run the following in a command prompt to load the Firefox Profile Manager:

on Mac it is:

Create a new profile then Start Firefox

FirefoxProfileManager
Firefox Profile Manager

In Firefox, open the Menu and Preferences.

Select Advanced in the left menu, then the Network tab. Click Settings.

FirefoxProxySettings1

In Connection Settings:
Select “Manual proxy configuration”
In HTTP Proxy, enter “localhost”
In Port:, enter “8080”
Select “Use this proxy server for all protocols” and then click Ok

FirefoxConnectionSettings

 

Now in the Certificates tab. Click View Certificates. Then import the ZAP cert.

FirefoxCertificates

FirefoxImportCertificate

Now ZAP will process all your web traffic and intercept all SSL sessions without firefox complaining about it.  Enjoy.

Firefox Profile Manager for ZAP Proxy and SSL intercept
Tagged on:                     

Leave a Reply