This repository has been archived by the owner on Jul 9, 2023. It is now read-only.
This is just an idea of how the cert can be loaded from the store instead of getting it from a file. For the code, it does not matter whether the data came from memory/physical file or the cert store. It would be great if this behavior were the default.
Here is the code sample:
```csharp
using System.Net;
using System.Security.Authentication;
using Titanium.Web.Proxy.Models;

var proxyServer = new Titanium.Web.Proxy.ProxyServer();
// iOS v15 settings. It would also be great to add them by default
proxyServer.SupportedSslProtocols = SslProtocols.Tls12;
proxyServer.CertificateManager.CertificateValidDays = 300;
// Need to create a new method to simplify the user's life
proxyServer.CertificateManager.LoadOrCreateRootCertificate();
// `port` and the BeforeTunnelConnectRequest handler are defined elsewhere in the application
var httpProxy = new ExplicitProxyEndPoint(IPAddress.Any, port, decryptSsl: true);
httpProxy.BeforeTunnelConnectRequest += BeforeTunnelConnectRequest;
proxyServer.AddEndPoint(httpProxy);
proxyServer.Start();
```
Here is the implementation of LoadOrCreateRootCertificate():
```csharp
public static class CertificateManagerExtensions
{
    // The parameter type is Titanium's CertificateManager, fully qualified so it does not
    // clash with the static CertificateManager store helper used inside the method.
    public static void LoadOrCreateRootCertificate(this Titanium.Web.Proxy.Network.CertificateManager manager)
    {
        // Load the cert from the store
        manager.RootCertificate = CertificateManager.Load(manager.RootCertificateName);
        if (manager.RootCertificate == null)
        {
            manager.RemoveTrustedRootCertificateAsAdmin();
            manager.RemovePersonalCertificate(); // My solution to remove personal certs. Would be better to solve the root case inside of RemoveTrustedRootCertificateAsAdmin()
            manager.CreateRootCertificate(false);
            manager.TrustRootCertificate();
        }
    }

    public static void RemovePersonalCertificate(this Titanium.Web.Proxy.Network.CertificateManager manager)
    {
        CertificateManager.Delete(manager.RootCertificateName);
    }
}
```
CertificateManager implementation:
```csharp
using System.Security.Cryptography.X509Certificates;

public static class CertificateManager
{
    public static X509Certificate2? Load(string subjectName, StoreName storeName = StoreName.My, StoreLocation storeLocation = StoreLocation.CurrentUser)
    {
        X509Store store = new X509Store(storeName, storeLocation);
        try
        {
            store.Open(OpenFlags.ReadOnly);
            // FindBySubjectName is a case-insensitive substring match; validOnly: false
            // also returns expired or untrusted certificates.
            X509Certificate2Collection col = store.Certificates.Find(X509FindType.FindBySubjectName, subjectName, false);
            // Indexing instead of LINQ FirstOrDefault() works on every framework version.
            return col.Count > 0 ? col[0] : null;
        }
        finally
        {
            store.Close();
        }
    }

    public static void Delete(string subjectName, StoreName storeName = StoreName.My, StoreLocation storeLocation = StoreLocation.CurrentUser)
    {
        X509Store store = new X509Store(storeName, storeLocation);
        try
        {
            store.Open(OpenFlags.ReadWrite);
            // Removes every certificate whose subject contains subjectName.
            X509Certificate2Collection col =
                store.Certificates.Find(X509FindType.FindBySubjectName, subjectName, false);
            store.RemoveRange(col);
        }
        finally
        {
            store.Close();
        }
    }
}
```
Here is how the cert can be loaded on the phone:
```csharp
private Task BeforeRequest(object sender, SessionEventArgs e)
{
    var request = e.HttpClient.Request;
    // Enter the following address on your iPhone/iPad devices to download/install the certificate.
    // It also has to be marked as trusted on your device
    if (request.RequestUri.AbsoluteUri.Contains("1.1.1.1"))
    {
        var cert = CertificateManager.Load("Titanium Root Certificate Authority");
        if (cert != null)
        {
            // Exporting to .cer in memory. X509ContentType.Cert contains only the
            // public certificate, not the private key.
            var data = cert.Export(X509ContentType.Cert);
            e.Ok(data, new List<HttpHeader>
            {
                new("Content-Disposition", "attachment; filename=rootCert.cer")
            });
        }
        else
        {
            e.Ok("Certificate was not found");
        }
    }

    // Nothing is awaited here, so return a completed task instead of marking the method async.
    return Task.CompletedTask;
}
```
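A stricter variant of the `Load` store lookup from the post above, as an added example (not code from the post or from the Titanium Web Proxy project). Because `FindBySubjectName` matches substrings, it filters the candidates down to an exact common-name match that is inside its validity period and has a private key, then picks the newest one; the class and method names `RootCertificateStoreLookup`, `LoadExact` and `IsUsableRoot` are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper, not part of Titanium Web Proxy or of the post above.
public static class RootCertificateStoreLookup
{
    // Returns the newest usable certificate whose subject CN equals commonName exactly, or null.
    public static X509Certificate2? LoadExact(
        string commonName,
        StoreName storeName = StoreName.My,
        StoreLocation storeLocation = StoreLocation.CurrentUser)
    {
        using var store = new X509Store(storeName, storeLocation);
        store.Open(OpenFlags.ReadOnly);

        // FindBySubjectName is a case-insensitive substring match, so it only narrows
        // the candidate set; the exact comparison happens in IsUsableRoot.
        var candidates = store.Certificates
            .Find(X509FindType.FindBySubjectName, commonName, validOnly: false)
            .Cast<X509Certificate2>();

        return candidates
            .Where(c => IsUsableRoot(c, commonName, DateTime.Now))
            .OrderByDescending(c => c.NotAfter)
            .FirstOrDefault();
    }

    public static bool IsUsableRoot(X509Certificate2 cert, string commonName, DateTime now)
    {
        // SimpleName resolves to the subject's common name when one is present.
        bool exactName = string.Equals(
            cert.GetNameInfo(X509NameType.SimpleName, forIssuer: false),
            commonName,
            StringComparison.Ordinal);

        // NotBefore and NotAfter are reported in local time, like DateTime.Now.
        bool inValidity = cert.NotBefore <= now && now <= cert.NotAfter;

        // The proxy signs per-host certificates with the root key, so a store entry
        // that holds only the public certificate cannot serve as the root.
        return exactName && inValidity && cert.HasPrivateKey;
    }
}
```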