Question Regarding Sub-Certificate CN/O/OU Customization in ZAP
15 views
Skip to first unread message
komi yy
Sep 16, 2025, 7:39:10 AM (7 days ago) Sep 16
to ZAP User Group
While studying the source code, I noticed that the class `CachedSslCertifificateServiceImpl` is only a cache layer, and `SslCertificateServiceImpl.createCertForHost()` appears to be a placeholder with no implementation for generating host certificates. Consequently, when I import my own root certificate, the generated sub-certificates still have the default O/OU values set to "ZAP" and "Zed Attack Proxy Project," and I cannot find a way to customize them.
I am to kindly ask for your guidance on the following points:
1. Is there an existing mechanism in ZAP that allows customizing the O/OU fields of the dynamically generated sub-certificates?
2. If not, would you be able to advise on how I could implement such functionality myself, ideally without breaking the overall ZAP certificate handling process?
I greatly appreciate your time and any pointers you can provide. ZAP has been an incredibly useful tool for security testing, and I would love to understand this part of the code better.
Thank you very much in advance.
I am to kindly ask for your guidance on the following points:
1. Is there an existing mechanism in ZAP that allows customizing the O/OU fields of the dynamically generated sub-certificates?
2. If not, would you be able to advise on how I could implement such functionality myself, ideally without breaking the overall ZAP certificate handling process?
I greatly appreciate your time and any pointers you can provide. ZAP has been an incredibly useful tool for security testing, and I would love to understand this part of the code better.
Thank you very much in advance.
Reply all
Reply to author
Forward
0 new messages