Class CertificateManager
A class to manage SSL certificates used by this proxy server.
Implements
Inherited Members
Namespace: Titanium.Web.Proxy.Network
Assembly: Titanium.Web.Proxy.dll
Syntax
public sealed class CertificateManager : IDisposable
Properties
| Improve this Doc View SourceCertificateCacheTimeOutMinutes
Minutes certificates should be kept in cache when not used.
Declaration
public int CertificateCacheTimeOutMinutes { get; set; }
Property Value
Type | Description |
---|---|
Int32 |
CertificateEngine
Select Certificate Engine. Optionally set to BouncyCastle. Mono only support BouncyCastle and it is the default.
Declaration
public CertificateEngine CertificateEngine { get; set; }
Property Value
Type | Description |
---|---|
CertificateEngine |
CertificateStorage
The fake certificate cache storage. The default cache storage implementation saves certificates in folder "crts" (will be created in proxy dll directory). Implement ICertificateCache interface and assign concrete class here to customize.
Declaration
public ICertificateCache CertificateStorage { get; set; }
Property Value
Type | Description |
---|---|
ICertificateCache |
CertificateValidDays
Number of Days generated HTTPS certificates are valid for. Maximum allowed on iOS 13 is 825 days and it is the default.
Declaration
public int CertificateValidDays { get; set; }
Property Value
Type | Description |
---|---|
Int32 |
DisableWildCardCertificates
Disable wild card certificates. Disabled by default.
Declaration
public bool DisableWildCardCertificates { get; set; }
Property Value
Type | Description |
---|---|
Boolean |
OverwritePfxFile
Overwrite Root certificate file.
true : replace an existing .pfx file if password is incorrect or if RootCertificate = null.
Declaration
public bool OverwritePfxFile { get; set; }
Property Value
Type | Description |
---|---|
Boolean |
PfxFilePath
Name(path) of the Root certificate file.
Set the name(path) of the .pfx file. If it is string.Empty Root certificate file will be named as "rootCert.pfx" (and will be saved in proxy dll directory)
Declaration
public string PfxFilePath { get; set; }
Property Value
Type | Description |
---|---|
String |
PfxPassword
Password of the Root certificate file.
Set a password for the .pfx file
Declaration
public string PfxPassword { get; set; }
Property Value
Type | Description |
---|---|
String |
RootCertificate
The root certificate.
Declaration
public X509Certificate2 RootCertificate { get; set; }
Property Value
Type | Description |
---|---|
X509Certificate2 |
RootCertificateIssuerName
Name of the root certificate issuer. (This is valid only when RootCertificate property is not set.)
Declaration
public string RootCertificateIssuerName { get; set; }
Property Value
Type | Description |
---|---|
String |
RootCertificateName
Name of the root certificate. (This is valid only when RootCertificate property is not set.) If no certificate is provided then a default Root Certificate will be created and used. The provided root certificate will be stored in proxy exe directory with the private key. Root certificate file will be named as "rootCert.pfx".
Declaration
public string RootCertificateName { get; set; }
Property Value
Type | Description |
---|---|
String |
SaveFakeCertificates
Save all fake certificates using CertificateStorage.
for can load the certificate and not make new certificate every time.
Declaration
public bool SaveFakeCertificates { get; set; }
Property Value
Type | Description |
---|---|
Boolean |
StorageFlag
Adjust behaviour when certificates are saved to filesystem.
Declaration
public X509KeyStorageFlags StorageFlag { get; set; }
Property Value
Type | Description |
---|---|
X509KeyStorageFlags |
Methods
| Improve this Doc View SourceClearRootCertificate()
Clear the root certificate and cache.
Declaration
public void ClearRootCertificate()
CreateRootCertificate(Boolean)
Attempts to create a RootCertificate.
Declaration
public bool CreateRootCertificate(bool persistToFile = true)
Parameters
Type | Name | Description |
---|---|---|
Boolean | persistToFile | if set to |
Returns
Type | Description |
---|---|
Boolean | true if succeeded, else false. |
CreateServerCertificate(String)
Creates a server certificate signed by the root certificate.
Declaration
public async Task<X509Certificate2> CreateServerCertificate(string certificateName)
Parameters
Type | Name | Description |
---|---|---|
String | certificateName |
Returns
Type | Description |
---|---|
Task<X509Certificate2> |
Dispose()
Declaration
public void Dispose()
EnsureRootCertificate()
Ensure certificates are setup (creates root if required). Also makes root certificate trusted based on initial setup from proxy constructor for user/machine trust.
Declaration
public void EnsureRootCertificate()
EnsureRootCertificate(Boolean, Boolean, Boolean)
Ensure certificates are setup (creates root if required). Also makes root certificate trusted based on provided parameters. Note:setting machineTrustRootCertificate to true will force userTrustRootCertificate to true.
Declaration
public void EnsureRootCertificate(bool userTrustRootCertificate, bool machineTrustRootCertificate, bool trustRootCertificateAsAdmin = false)
Parameters
Type | Name | Description |
---|---|---|
Boolean | userTrustRootCertificate | Should fake HTTPS certificate be trusted by this machine's user certificate store? |
Boolean | machineTrustRootCertificate | Should fake HTTPS certificate be trusted by this machine's certificate store? |
Boolean | trustRootCertificateAsAdmin | Should we attempt to trust certificates with elevated permissions by prompting for UAC if required? |
Finalize()
Declaration
protected void Finalize()
IsRootCertificateMachineTrusted()
Determines whether the root certificate is machine trusted.
Declaration
public bool IsRootCertificateMachineTrusted()
Returns
Type | Description |
---|---|
Boolean |
IsRootCertificateUserTrusted()
Determines whether the root certificate is trusted.
Declaration
public bool IsRootCertificateUserTrusted()
Returns
Type | Description |
---|---|
Boolean |
LoadRootCertificate()
Loads root certificate from current executing assembly location with expected name rootCert.pfx.
Declaration
public X509Certificate2 LoadRootCertificate()
Returns
Type | Description |
---|---|
X509Certificate2 |
LoadRootCertificate(String, String, Boolean, X509KeyStorageFlags)
Manually load a Root certificate file from give path (.pfx file).
Declaration
public bool LoadRootCertificate(string pfxFilePath, string password, bool overwritePfXFile = true, X509KeyStorageFlags storageFlag = X509KeyStorageFlags.Exportable)
Parameters
Type | Name | Description |
---|---|---|
String | pfxFilePath | Set the name(path) of the .pfx file. If it is string.Empty Root certificate file will be named as "rootCert.pfx" (and will be saved in proxy dll directory). |
String | password | Set a password for the .pfx file. |
Boolean | overwritePfXFile | true : replace an existing .pfx file if password is incorrect or if RootCertificate==null. |
X509KeyStorageFlags | storageFlag |
Returns
Type | Description |
---|---|
Boolean | true if succeeded, else false. |
RemoveTrustedRootCertificate(Boolean)
Removes the trusted certificates from user store, optionally also from machine store. To remove from machine store elevated permissions are required (will fail silently otherwise).
Declaration
public void RemoveTrustedRootCertificate(bool machineTrusted = false)
Parameters
Type | Name | Description |
---|---|---|
Boolean | machineTrusted | Should also remove from machine store? |
RemoveTrustedRootCertificateAsAdmin(Boolean)
Removes the trusted certificates from user store, optionally also from machine store
Declaration
public bool RemoveTrustedRootCertificateAsAdmin(bool machineTrusted = false)
Parameters
Type | Name | Description |
---|---|---|
Boolean | machineTrusted |
Returns
Type | Description |
---|---|
Boolean | Should also remove from machine store? |
TrustRootCertificate(Boolean)
Trusts the root certificate in user store, optionally also in machine store. Machine trust would require elevated permissions (will silently fail otherwise).
Declaration
public void TrustRootCertificate(bool machineTrusted = false)
Parameters
Type | Name | Description |
---|---|---|
Boolean | machineTrusted |
TrustRootCertificateAsAdmin(Boolean)
Puts the certificate to the user store, optionally also to machine store. Prompts with UAC if elevated permissions are required. Works only on Windows.
Declaration
public bool TrustRootCertificateAsAdmin(bool machineTrusted = false)
Parameters
Type | Name | Description |
---|---|---|
Boolean | machineTrusted |
Returns
Type | Description |
---|---|
Boolean | True if success. |