do not include subject key identifier in leaf certificates

This fixes #6494: if CA and leaf share the same SKI,
SChannel gets confused.

Co-authored-by: Andrius Andrikonis <andrius.andrikonis@toughlex.com>

CHANGELOG.md

@@ -7,6 +7,9 @@
 
 ## Unreleased: mitmproxy next
 
+* Fix compatibility with Windows SChannel clients, which previously got
+  confused by CA and leaf certificate sharing the same Subject Key Identifier.
+  ([#6549](https://github.com/mitmproxy/mitmproxy/pull/6549), @driuba and @mhils)
 * Fix bug where response flows from HAR files had incorrect `content-length` headers
   ([#6548](https://github.com/mitmproxy/mitmproxy/pull/6548), @zanieb)
 * Improved handling for `--allow-hosts`/`--ignore-hosts` options in WireGuard mode (#5930).

mitmproxy/certs.py

@@ -279,17 +279,15 @@ def dummy_cert(
         x509.SubjectAlternativeName(ss), critical=not is_valid_commonname
     )
 
-    # we just use the same key as the CA for these certs, so put that in the SKI extension
-    builder = builder.add_extension(
-        x509.SubjectKeyIdentifier.from_public_key(privkey.public_key()),
-        critical=False,
-    )
-    # add authority key identifier for the cacert issuing cert for greater acceptance by
-    # client TLS libraries (such as OpenSSL 3.x)
+    # https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1
     builder = builder.add_extension(
         x509.AuthorityKeyIdentifier.from_issuer_public_key(cacert.public_key()),
         critical=False,
     )
+    # If CA and leaf cert have the same Subject Key Identifier, SChannel breaks in funny ways,
+    # see https://github.com/mitmproxy/mitmproxy/issues/6494.
+    # https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2 states
+    # that SKI is optional for the leaf cert, so we skip that.
 
     cert = builder.sign(private_key=privkey, algorithm=hashes.SHA256())  # type: ignore
     return Cert(cert)