We have a Raspberry Pi mitmproxy set up in our home to help monitor our young children's internet activities. (Yes, save the lecture, we also communicate with our kids. This is one extra safeguard in place - not a "solution".)
Recently, with the Coronavirus outbreak and our kids taking classes from home, we now have one extra Chromebook that the school provided. It i locked-down already from changing various settings, which is a good thing. But, I noticed that I can still update certificate authorities, so I wanted to set it up to use the proxy.
I connected the Chromebook to the proxy's wifi network, went to mimt.it and downloaded the .pem file. Then I went to "Settings > Manage Certificates" and installed it as an authority. I then went to a new browser tab and tried to access google.com. And... it gave an error about an invalid certificate.
I clicked to view the "google" certificate and it said that it was being issued by mitmproxy. Correct. I then went back to the Settings and found the correct certificate there in the list of authorities. Correct.
And after that I was at a loss as to what I check next. It seems like it should just work, yet it does not. (I tried closing and reopening the browser and also tried a different site than google.com just in case something was being cached...)
I had one idea that maybe the administrator has it locked down such that it will not accept anything outside some list of approved certificate authorities. Of course, there was no such error message and it didn't stop me from installing the certificate, so this is purely a guess. Hence, I am asking here if there is such a thing?
If so, what can I ask the administrator to do to unlock this?
