I often use mitmproxy in order to see the HTTP calls that programs are making under the hood. vcert, a tool used for operating Venafi TPP and Venafi Cloud, did not seem to be working with mitmproxy. This post presents the steps I took to discover that the issue comes from an unsupported feature of mitmproxy: TLS renegotiation.
