titanium-web-proxy
titanium-web-proxy copied to clipboard
Error Https > Error code: SEC_ERROR_BAD_SIGNATURE
I have an error like this: Firefox: Secure Connection Failed An error occurred during a connection to support.mozilla.org. Peer’s certificate has an invalid signature. Error code: SEC_ERROR_BAD_SIGNATURE
Chrome: Your connection is not private Attackers might be trying to steal your information from www.google.com (for example, passwords, messages, or credit cards). Learn more NET::ERR_CERT_AUTHORITY_INVALID
can you lead me?
`
public static void Main(string[] args)
{
var proxyServer = new ProxyServer();
proxyServer.ProxyAuthenticationRealm = "";
Func<SessionEventArgsBase, string, string, Task<bool>> p = async (args, userName, password) =>
{
return true;
};
proxyServer.ProxyBasicAuthenticateFunc = p;
proxyServer.CertificateManager.CertificateEngine = Titanium.Web.Proxy.Network.CertificateEngine.BouncyCastle;
var explicitEndPoint = new ExplicitProxyEndPoint(IPAddress.Any, 81, true)
{
// Use self-issued generic certificate on all https requests
// Optimizes performance by not creating a certificate for each https-enabled domain
// Useful when certificate trust is not required by proxy clients
// GenericCertificate = new X509Certificate2(Path.Combine(System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location), "genericcert.pfx"), "password")
};
proxyServer.AddEndPoint(explicitEndPoint);
proxyServer.Start();
}
`
I see this same problem, but only on Linux. Works fine on Mac and Windows. Bug in BouncyCastle maybe?
I'm receiving this problem as well with latest version.
_proxyServer.CertificateManager.CertificateEngine = Titanium.Web.Proxy.Network.CertificateEngine.BouncyCastle; _proxyServer.CertificateManager.CertificateValidDays = 365; _rootCertificate = _proxyServer.CertificateManager.RootCertificate; File.WriteAllBytes($"wwwroot/Cert/ProxyManRootCert.cer", _rootCertificate.Export(X509ContentType.Cert));
work well in windows / mac /liunx (add ProxyManRootCert.cer by ca-certificates in liunx) titanium-web-proxy version is 3.1.1397
This error is you have to decrypt ssl and server will encrypt and sign the web content with a new self-sign cert, and you dont install a self-sign root certificate after start proxy. Change ExplicitEnpoint to: var explicitEndPoint = new ExplicitProxyEndPoint(IPAddress.Any, 81, false);