I'm developing an HTTPS proxy server using titanium proxy server. I will monitor some websites and will modify the response of those websites. Some of those websites are https, that's why I'm using https proxy server.
Now here is the problem. As far as I know, to intercept an HTTPS site, we must have certificate and titanium proxy server has a dummy certificate. I think whenever the server is started, titanium proxy server tries to install that certificate as a root certificate so that browsers can trust that certificate. This approach is working perfect for all browsers except firefox.
I can see titanium root certificate installed in all browsers and I can successfully intercept HTTPS websites running in Google Chrome or Safari. But whenever I try to open a HTTPS website in firefox, it gives an error that the connection is untrusted.
I think certificate is not being installed in firefox or is being rejected by firefox as it is not signed by any CA authority. But why are other browsers not showing the same error?
My problem is that I need to intercept HTTPS websites too - it is requirement of the project. What if I buy a certificate from a CA authority and use that certificate with application, will it work or not? Can I use web server certificates with a desktop application? I really don't know much about SSL. any help will be much appreciated. Looking forward to you guys.
PS: I'm attaching a snapshot of firefox windows, for reference. error window
