Class CertificateManager

A class to manage SSL certificates used by this proxy server.

Inheritance

Object

CertificateManager

Implements

IDisposable

Inherited Members

Object.ToString()

Object.Equals(Object)

Object.Equals(Object, Object)

Object.ReferenceEquals(Object, Object)

Object.GetHashCode()

Object.GetType()

Object.MemberwiseClone()

Namespace: Titanium.Web.Proxy.Network

Assembly: Titanium.Web.Proxy.dll

Syntax

public sealed class CertificateManager : IDisposable

Properties

| Improve this Doc View Source

CertificateCacheTimeOutMinutes

Minutes certificates should be kept in cache when not used.

Declaration

public int CertificateCacheTimeOutMinutes { get; set; }

Property Value

Type	Description
Int32

| Improve this Doc View Source

CertificateEngine

Select Certificate Engine. Optionally set to BouncyCastle. Mono only support BouncyCastle and it is the default.

Declaration

public CertificateEngine CertificateEngine { get; set; }

Property Value

Type	Description
CertificateEngine

| Improve this Doc View Source

CertificateStorage

The fake certificate cache storage. The default cache storage implementation saves certificates in folder "crts" (will be created in proxy dll directory). Implement ICertificateCache interface and assign concrete class here to customize.

Declaration

public ICertificateCache CertificateStorage { get; set; }

Property Value

Type	Description
ICertificateCache

| Improve this Doc View Source

CertificateValidDays

Number of Days generated HTTPS certificates are valid for. Maximum allowed on iOS 13 is 825 days and it is the default.

Declaration

public int CertificateValidDays { get; set; }

Property Value

Type	Description
Int32

| Improve this Doc View Source

DisableWildCardCertificates

Disable wild card certificates. Disabled by default.

Declaration

public bool DisableWildCardCertificates { get; set; }

Property Value

Type	Description
Boolean

| Improve this Doc View Source

OverwritePfxFile

Overwrite Root certificate file.

true : replace an existing .pfx file if password is incorrect or if RootCertificate = null.

Declaration

public bool OverwritePfxFile { get; set; }

Property Value

Type	Description
Boolean

| Improve this Doc View Source

PfxFilePath

Name(path) of the Root certificate file.

Set the name(path) of the .pfx file. If it is string.Empty Root certificate file will be named as "rootCert.pfx" (and will be saved in proxy dll directory)

Declaration

public string PfxFilePath { get; set; }

Property Value

Type	Description
String

| Improve this Doc View Source

PfxPassword

Password of the Root certificate file.

Set a password for the .pfx file

Declaration

public string PfxPassword { get; set; }

Property Value

Type	Description
String

| Improve this Doc View Source

RootCertificate

The root certificate.

Declaration

public X509Certificate2 RootCertificate { get; set; }

Property Value

Type	Description
X509Certificate2

| Improve this Doc View Source

RootCertificateIssuerName

Name of the root certificate issuer. (This is valid only when RootCertificate property is not set.)

Declaration

public string RootCertificateIssuerName { get; set; }

Property Value

Type	Description
String

| Improve this Doc View Source

RootCertificateName

Name of the root certificate. (This is valid only when RootCertificate property is not set.) If no certificate is provided then a default Root Certificate will be created and used. The provided root certificate will be stored in proxy exe directory with the private key. Root certificate file will be named as "rootCert.pfx".

Declaration

public string RootCertificateName { get; set; }

Property Value

Type	Description
String

| Improve this Doc View Source

SaveFakeCertificates

Save all fake certificates using CertificateStorage.

for can load the certificate and not make new certificate every time.

Declaration

public bool SaveFakeCertificates { get; set; }

Property Value

Type	Description
Boolean

| Improve this Doc View Source

StorageFlag

Adjust behaviour when certificates are saved to filesystem.

Declaration

public X509KeyStorageFlags StorageFlag { get; set; }

Property Value

Type	Description
X509KeyStorageFlags

Methods

| Improve this Doc View Source

ClearRootCertificate()

Clear the root certificate and cache.

Declaration

public void ClearRootCertificate()

| Improve this Doc View Source

CreateRootCertificate(Boolean)

Attempts to create a RootCertificate.

Declaration

public bool CreateRootCertificate(bool persistToFile = true)

Parameters

Type	Name	Description
Boolean	persistToFile	if set to `true` try to load/save the certificate from rootCert.pfx.

Returns

Type	Description
Boolean	true if succeeded, else false.

| Improve this Doc View Source

CreateServerCertificate(String)

Creates a server certificate signed by the root certificate.

Declaration

public async Task<X509Certificate2> CreateServerCertificate(string certificateName)

Parameters

Type	Name	Description
String	certificateName

Returns

Type	Description
Task<X509Certificate2>

| Improve this Doc View Source

Dispose()

Declaration

public void Dispose()

| Improve this Doc View Source

EnsureRootCertificate()

Ensure certificates are setup (creates root if required). Also makes root certificate trusted based on initial setup from proxy constructor for user/machine trust.

Declaration

public void EnsureRootCertificate()

| Improve this Doc View Source

EnsureRootCertificate(Boolean, Boolean, Boolean)

Ensure certificates are setup (creates root if required). Also makes root certificate trusted based on provided parameters. Note:setting machineTrustRootCertificate to true will force userTrustRootCertificate to true.

Declaration

public void EnsureRootCertificate(bool userTrustRootCertificate, bool machineTrustRootCertificate, bool trustRootCertificateAsAdmin = false)

Parameters

Type	Name	Description
Boolean	userTrustRootCertificate	Should fake HTTPS certificate be trusted by this machine's user certificate store?
Boolean	machineTrustRootCertificate	Should fake HTTPS certificate be trusted by this machine's certificate store?
Boolean	trustRootCertificateAsAdmin	Should we attempt to trust certificates with elevated permissions by prompting for UAC if required?

| Improve this Doc View Source

Finalize()

Declaration

protected void Finalize()

| Improve this Doc View Source

IsRootCertificateMachineTrusted()

Determines whether the root certificate is machine trusted.

Declaration

public bool IsRootCertificateMachineTrusted()

Returns

Type	Description
Boolean

| Improve this Doc View Source

IsRootCertificateUserTrusted()

Determines whether the root certificate is trusted.

Declaration

public bool IsRootCertificateUserTrusted()

Returns

Type	Description
Boolean

| Improve this Doc View Source

LoadRootCertificate()

Loads root certificate from current executing assembly location with expected name rootCert.pfx.

Declaration

public X509Certificate2 LoadRootCertificate()

Returns

Type	Description
X509Certificate2

| Improve this Doc View Source

LoadRootCertificate(String, String, Boolean, X509KeyStorageFlags)

Manually load a Root certificate file from give path (.pfx file).

Declaration

public bool LoadRootCertificate(string pfxFilePath, string password, bool overwritePfXFile = true, X509KeyStorageFlags storageFlag = X509KeyStorageFlags.Exportable)

Parameters

Type	Name	Description
String	pfxFilePath	Set the name(path) of the .pfx file. If it is string.Empty Root certificate file will be named as "rootCert.pfx" (and will be saved in proxy dll directory).
String	password	Set a password for the .pfx file.
Boolean	overwritePfXFile	true : replace an existing .pfx file if password is incorrect or if RootCertificate==null.
X509KeyStorageFlags	storageFlag

Returns

Type	Description
Boolean	true if succeeded, else false.

| Improve this Doc View Source

RemoveTrustedRootCertificate(Boolean)

Removes the trusted certificates from user store, optionally also from machine store. To remove from machine store elevated permissions are required (will fail silently otherwise).

Declaration

public void RemoveTrustedRootCertificate(bool machineTrusted = false)

Parameters

Type	Name	Description
Boolean	machineTrusted	Should also remove from machine store?

| Improve this Doc View Source

RemoveTrustedRootCertificateAsAdmin(Boolean)

Removes the trusted certificates from user store, optionally also from machine store

Declaration

public bool RemoveTrustedRootCertificateAsAdmin(bool machineTrusted = false)

Parameters

Type	Name	Description
Boolean	machineTrusted

Returns

Type	Description
Boolean	Should also remove from machine store?

| Improve this Doc View Source

TrustRootCertificate(Boolean)

Trusts the root certificate in user store, optionally also in machine store. Machine trust would require elevated permissions (will silently fail otherwise).

Declaration

public void TrustRootCertificate(bool machineTrusted = false)

Parameters

Type	Name	Description
Boolean	machineTrusted

| Improve this Doc View Source

TrustRootCertificateAsAdmin(Boolean)

Puts the certificate to the user store, optionally also to machine store. Prompts with UAC if elevated permissions are required. Works only on Windows.

Declaration

public bool TrustRootCertificateAsAdmin(bool machineTrusted = false)

Parameters

Type	Name	Description
Boolean	machineTrusted

Returns

Type	Description
Boolean	True if success.

Implements

System.IDisposable