Getting unsecured connection after proxy restart

[kpobb1989]

Hello. Recently I started using this amazing package and faced with a weird issue. The issue happens right after proxy server restart if the previos cert was not deleted from the cert storage. The client simply gets unsecured connection. Am I missing something ?

Here my code sample:

            var proxyServer = new Titanium.Web.Proxy.ProxyServer();
            proxyServer.BeforeRequest += BeforeRequest;
            proxyServer.BeforeResponse += BeforeResponse;
            // Below settings are required by iOS v15
            proxyServer.SupportedSslProtocols = SslProtocols.Tls12;
            proxyServer.CertificateManager.CertificateValidDays = 300;

            // "extra stage" on every run, otherwise the client gets unsecured connection
            proxyServer.CertificateManager.RemoveTrustedRootCertificateAsAdmin();
            proxyServer.CertificateManager.ClearRootCertificate();
            proxyServer.CertificateManager.CertificateValidDays = 300; 
            proxyServer.CertificateManager.CreateRootCertificate();
            proxyServer.CertificateManager.TrustRootCertificate();

            var httpProxy = new ExplicitProxyEndPoint(IPAddress.Any, port, decryptSsl: true);
            httpProxy.BeforeTunnelConnectRequest += BeforeTunnelConnectRequest;
            proxyServer.AddEndPoint(httpProxy);
            proxyServer.Start();

Also I noted that CreateRootCertificate() method creates two certificates (Current User/Personal/Certificates and Current User/Trusted Root Certificate Authorities), however RemoveTrustedRootCertificateAsAdmin and ClearRootCertificate do not delete the one from Current User/Personal/Certificates. It leads to duplicates on every cert creation.

[kpobb1989]

Hey, I've found a solution after debugging Titanium.Web.Proxy.

Here the working code sample:

            var proxyServer = new Titanium.Web.Proxy.ProxyServer();
            proxyServer.BeforeRequest += BeforeRequest;
            proxyServer.BeforeResponse += BeforeResponse;
            // Below settings are required by iOS v15
            proxyServer.SupportedSslProtocols = SslProtocols.Tls12;
            proxyServer.CertificateManager.CertificateValidDays = 300;

            proxyServer.CertificateManager.RootCertificate = proxyServer.CertificateManager.LoadRootCertificate();

            // Create a new rootCert.pfx when it does not exist in the root folder
            if (proxyServer.CertificateManager.RootCertificate == null)
            {
                // Delete is required in case rootCert.pf file was deleted, but the certs are still exist in the storage
                proxyServer.CertificateManager.RemoveTrustedRootCertificateAsAdmin();
                proxyServer.CertificateManager.CreateRootCertificate();
                proxyServer.CertificateManager.TrustRootCertificate();
            }
            var httpProxy = new ExplicitProxyEndPoint(IPAddress.Any, port, decryptSsl: true);
            httpProxy.BeforeTunnelConnectRequest += BeforeTunnelConnectRequest;
            proxyServer.AddEndPoint(httpProxy);
            proxyServer.Start();

It would be great if proxyServer.CertificateManager.LoadRootCertificate() (the overload without parameters) could load the RootCertificate internally as well. From user perspective the following code looks a bit weird

Case 1

            // It is not obvious that the user must initialize RootCertificate
            proxyServer.CertificateManager.RootCertificate = proxyServer.CertificateManager.LoadRootCertificate();

            if (proxyServer.CertificateManager.RootCertificate == null)
            {
                proxyServer.CertificateManager.CreateRootCertificate();
                proxyServer.CertificateManager.TrustRootCertificate();
            }

Case 2

          // as well as it is not obvious that the second overload with nulls will initialize the internal RootCertificate
          if (!proxyServer.CertificateManager.LoadRootCertificate(null, null))
            {
                proxyServer.CertificateManager.CreateRootCertificate();
                proxyServer.CertificateManager.TrustRootCertificate();
            }

I think it makes sense if the LoadRootCertificate() method without parameters would have the same signature as the overload with parameters (it should load RootCertificate internally and return boolean if it does not exist)

Also when proxyServer.CertificateManager.RootCertificate is null after calling RemoveTrustedRootCertificateAsAdmin() it won't delete the personal certificate, because of the following condition:

        private void uninstallCertificate(StoreName storeName, StoreLocation storeLocation, X509Certificate2? certificate)
        {
            if (certificate == null)
            {
                onException(new Exception("Could not remove certificate as it is null or empty."));
                return;
            }

I think need to add an extra condition to check if the cert is exist by using defaultRootRootCertificateName/password combination.