search

justcoding121 / titanium-web-proxy

A cross-platform asynchronous HTTP(S) proxy server in C#.
MIT License
1.93k stars 618 forks source link

Using Custom SSL Certificates #775

Open dynamicritz opened 4 years ago

dynamicritz commented 4 years ago

Hi, I have a .pfx file along with its password obviously... I want to use this while decrypting SSL. This is what I do:

var proxyServer = new ProxyServer("path/to/.pfx_file", "Issuer Name", true, true, true);
proxyServer.CertificateManager.PfxPassword = "password";
var httpProxy = new ExplicitProxyEndPoint(IPAddress.Parse(IP), Port, decryptSsl: true);
proxyServer.AddEndPoint(httpProxy);
proxyServer.BeforeRequest += OnBeforeRequest;
proxyServer.BeforeResponse += OnBeforeResponse;
proxyServer.AfterResponse += OnAfterResponse;

proxyServer.Start();

I had put this .pfx certificate in the client's Trusted Certificate Store. While accessing the proxy from the client it does not work... Shows security issue

justcoding121 commented 4 years ago

The first parameter in ProxyServer is not a path, the name of the root certificate to lookUp. If I recall right it looks at the execution directory where the proxy.dll is located.

You can take a look at certificate manager for details. To use a pfx path directly, I think you would need to set call below method, before starting the proxy.

proxyServer.CertificateManager.LoadRootCertificate(pfxFilePath, password, false);

See CertificateManager implementation in below link for details.

https://github.com/justcoding121/Titanium-Web-Proxy/blob/master/src/Titanium.Web.Proxy/Certificates/CertificateManager.cs

justcoding121 commented 4 years ago

See CertificateManager API docs below.

https://justcoding121.github.io/Titanium-Web-Proxy/docs/api/Titanium.Web.Proxy.Network.CertificateManager.html

dynamicritz commented 4 years ago

It would be nice if you could post a code segment for my use-case... I tried various methods but it seems I am not doing it the correct way