Add cross-platform CA auto-installer and production hardening

- Add cert_installer.py: cross-platform trusted CA installer (Windows certutil/PowerShell, macOS security, Linux update-ca-certificates, Firefox NSS via certutil/certutil) - main.py: add --install-cert and --no-cert-check CLI flags; auto-detect and auto-install MITM CA on startup when not yet trusted - mitm.py: rename CA CN/O from 'DomainFront Tunnel' to 'MasterHttpRelayVPN' - proxy_server.py: downgrade TLS handshake errors to DEBUG to reduce log noise for non-HTTPS traffic (MTProto, plain HTTP on non-443 ports) - README.md / README_FA.md: document new CLI flags, auto-install behaviour, and cert_installer.py in project files table
2026-05-18 23:54:37 +03:00 · 2026-04-21 04:56:49 +03:30
parent b1b625045a
commit fd22de27ca
6 changed files with 429 additions and 4 deletions
@@ -55,8 +55,8 @@ class MITMCertManager:
            public_exponent=65537, key_size=2048
        )
        subject = issuer = x509.Name([
-            x509.NameAttribute(NameOID.COMMON_NAME, "DomainFront Tunnel CA"),
-            x509.NameAttribute(NameOID.ORGANIZATION_NAME, "DomainFront Tunnel"),
+            x509.NameAttribute(NameOID.COMMON_NAME, "MasterHttpRelayVPN"),
+            x509.NameAttribute(NameOID.ORGANIZATION_NAME, "MasterHttpRelayVPN"),
        ])
        now = datetime.datetime.now(datetime.timezone.utc)
        self._ca_cert = (