How to get GOG GALAXY to accept a MITM certificate

Just a quick post on how to set up MITM with GOG GALAXY so other people can take over my job. First make sure to update the application, because half of these changes get reverted with every update.

The part you need to do after every update

This makes the graphical interface work.

1. Get the MITM certificate from mitm.it in PEM format.
2. Open C:\ProgramData\GOG.com\Galaxy\redists\rootCA.pem in a text editor. ProgramData is not the same as Program Files!
3. Paste the downloaded certificate’s content at the end.
4. Save.

The part you only need to do once

This makes the background service work.

1. Get the MITM certificate from mitm.it in P12 format.
2. Import it into “Trusted Root Certification Authorities” using the Windows utility

Before version 12.0.0 mitmproxy did not have support for adding revocation information to certificates, which caused them to be rejected by the Windows Schannel backend. Make sure you are on the correct version if you want to capture Communication Service traffic.

For more information on how I set up mitmproxy for transparently proxying a VM read my previous article Transparent proxying setup for mitmproxy with only one VM