Error Https > Error code: SEC_ERROR_BAD_SIGNATURE

[mehrabiani]

I have an error like this: Firefox: Secure Connection Failed An error occurred during a connection to support.mozilla.org. Peer’s certificate has an invalid signature. Error code: SEC_ERROR_BAD_SIGNATURE

Chrome: Your connection is not private Attackers might be trying to steal your information from www.google.com (for example, passwords, messages, or credit cards). Learn more NET::ERR_CERT_AUTHORITY_INVALID

can you lead me?

`

    public static void Main(string[] args)
    {
        var proxyServer = new ProxyServer();
        proxyServer.ProxyAuthenticationRealm = "";

        Func<SessionEventArgsBase, string, string, Task<bool>> p = async (args, userName, password) =>
                          {
                              return true;
                          };
        proxyServer.ProxyBasicAuthenticateFunc = p;
		

        proxyServer.CertificateManager.CertificateEngine = Titanium.Web.Proxy.Network.CertificateEngine.BouncyCastle;


        var explicitEndPoint = new ExplicitProxyEndPoint(IPAddress.Any, 81, true)
        {
            // Use self-issued generic certificate on all https requests
            // Optimizes performance by not creating a certificate for each https-enabled domain
            // Useful when certificate trust is not required by proxy clients
            // GenericCertificate = new X509Certificate2(Path.Combine(System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location), "genericcert.pfx"), "password")
        };
         
         
        proxyServer.AddEndPoint(explicitEndPoint);
        proxyServer.Start();

    }

`

[mbparker]

I see this same problem, but only on Linux. Works fine on Mac and Windows. Bug in BouncyCastle maybe?

[developervariety]

I'm receiving this problem as well with latest version.

[lulianqi]

_proxyServer.CertificateManager.CertificateEngine = Titanium.Web.Proxy.Network.CertificateEngine.BouncyCastle; _proxyServer.CertificateManager.CertificateValidDays = 365; _rootCertificate = _proxyServer.CertificateManager.RootCertificate; File.WriteAllBytes($"wwwroot/Cert/ProxyManRootCert.cer", _rootCertificate.Export(X509ContentType.Cert));

work well in windows / mac /liunx （add ProxyManRootCert.cer by ca-certificates in liunx） titanium-web-proxy version is 3.1.1397

[laipg91]

This error is you have to decrypt ssl and server will encrypt and sign the web content with a new self-sign cert, and you dont install a self-sign root certificate after start proxy. Change ExplicitEnpoint to: var explicitEndPoint = new ExplicitProxyEndPoint(IPAddress.Any, 81, false);