ssl_generate_certificate
Generate a server SSL certificate for a specified domain, including alternative domain names (SAN), to enable secure HTTPS connections on the Web Proxy MCP Server.
Instructions
Generate server certificate for specific domain
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| altNames | No | Alternative domain names (SAN) | |
| domain | Yes | Domain name for the certificate | |
Implementation Reference
- src/tools/tool-handlers.js:125-136 (handler) MCP tool handler case for 'ssl_generate_certificate' that delegates to SSLManager and formats the response content.

  ```javascript
  case 'ssl_generate_certificate':
    const certResult = await this.sslManager.generateServerCertificate(
      args.domain,
      args.altNames
    );
    return {
      content: [{
        type: "text",
        text: `📜 Generated certificate for: ${certResult.domain}\n\n🔑 Private Key: ${certResult.keyPath}\n📄 Certificate: ${certResult.certPath}\n🏷️ Alt Names: ${certResult.altNames.join(', ')}`
      }]
    };
  ```

- Tool schema definition specifying input parameters: domain (required) and optional altNames array.

  ```javascript
  ssl_generate_certificate: {
    name: "ssl_generate_certificate",
    description: "Generate server certificate for specific domain",
    inputSchema: {
      type: "object",
      properties: {
        domain: {
          type: "string",
          description: "Domain name for the certificate"
        },
        altNames: {
          type: "array",
          items: { type: "string" },
          description: "Alternative domain names (SAN)",
          default: []
        }
      },
      required: ["domain"]
    }
  },
  ```

- src/ssl/ssl-manager.js:103-154 (helper) SSLManager.generateServerCertificate: core logic using OpenSSL to generate domain certificate signed by CA, supporting altNames SAN.

  ```javascript
  async generateServerCertificate(domain, altNames = []) {
    if (!this.initialized) {
      await this.initialize();
    }

    const caExists = await this._checkCAExists();
    if (!caExists) {
      throw new Error(`CA '${this.currentCA}' does not exist. Create CA first.`);
    }

    console.log(`🔐 Generating certificate for: ${domain}`);

    const certDir = path.join(this.caDir, 'certs');
    await fs.mkdir(certDir, { recursive: true });

    const sanitizedDomain = domain.replace(/[^a-zA-Z0-9.-]/g, '_');
    const keyPath = path.join(certDir, `${sanitizedDomain}.key`);
    const csrPath = path.join(certDir, `${sanitizedDomain}.csr`);
    const certPath = path.join(certDir, `${sanitizedDomain}.crt`);

    // Generate server private key
    const keyGenCmd = `openssl genrsa -out "${keyPath}" 2048`;
    this._executeSSLCommand(keyGenCmd);

    // Generate certificate config with SAN
    const certConfig = this._generateServerCertConfig(domain, altNames);
    const certConfigPath = path.join(certDir, `${sanitizedDomain}.conf`);
    await fs.writeFile(certConfigPath, certConfig);

    // Generate CSR
    const csrCmd = `openssl req -new -key "${keyPath}" -out "${csrPath}" -config "${certConfigPath}"`;
    this._executeSSLCommand(csrCmd);

    // Sign certificate with CA
    const caKeyPath = path.join(this.caDir, 'ca.key');
    const caCertPath = path.join(this.caDir, 'ca.crt');
    const signCmd = `openssl x509 -req -in "${csrPath}" -CA "${caCertPath}" -CAkey "${caKeyPath}" -CAcreateserial -out "${certPath}" -days 365 -extensions v3_req -extfile "${certConfigPath}"`;
    this._executeSSLCommand(signCmd);

    // Clean up CSR
    await fs.unlink(csrPath);
    await fs.unlink(certConfigPath);

    console.log(`✅ Certificate generated for ${domain}`);

    return {
      domain,
      keyPath,
      certPath,
      altNames
    };
  }
  ```

- index.js:66-74 (registration) MCP server registration via ListToolsRequestSchema handler exposing all tools from TOOLS, including ssl_generate_certificate.

  ```javascript
  this.server.setRequestHandler(ListToolsRequestSchema, async () => {
    return {
      tools: Object.entries(TOOLS).map(([name, tool]) => ({
        name,
        description: tool.description,
        inputSchema: tool.inputSchema
      }))
    };
  });
  ```
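
The input schema types `domain` and each `altNames` entry as a plain string, and those values are passed on to `_generateServerCertConfig` (not shown on this page), which builds the OpenSSL config, while only the file name is sanitized. A stricter check that could run in the handler before `generateServerCertificate` is sketched below as an added example, not the project's own code; `validateCertRequest`, `normalizeDnsName` and the limits are hypothetical, and only DNS names (no IP SANs) are assumed.

```javascript
// Added example: strict validation for the tool's `domain` and `altNames`
// arguments. All names and limits here are hypothetical, not the project's.
const LABEL = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/; // one DNS label, 1-63 chars
const MAX_NAME_LENGTH = 253; // DNS name limit in presentation form
const MAX_ALT_NAMES = 50;    // assumed cap, not taken from the project

function normalizeDnsName(value) {
  if (typeof value !== 'string') throw new TypeError('name must be a string');
  // Lower-case and drop one trailing root dot so duplicates compare equal.
  const name = value.toLowerCase().replace(/\.$/, '');
  if (name.length === 0 || name.length > MAX_NAME_LENGTH) {
    throw new RangeError(`invalid name length: ${JSON.stringify(value)}`);
  }
  const labels = name.split('.');
  // A wildcard is accepted only as the whole left-most label of a name
  // with at least two further labels ("*.example.test", never "*.test").
  const first = labels[0] === '*' && labels.length > 2 ? 1 : 0;
  for (const label of labels.slice(first)) {
    // Anything other than letters, digits and inner hyphens is refused:
    // whitespace, newlines, quotes, '=', ',' and so on.
    if (!LABEL.test(label)) {
      throw new RangeError(`invalid DNS label in ${JSON.stringify(value)}`);
    }
  }
  // An all-numeric last label means an IPv4 literal or a non-DNS name.
  if (/^[0-9]+$/.test(labels[labels.length - 1])) {
    throw new RangeError(`numeric top-level label in ${JSON.stringify(value)}`);
  }
  return name;
}

function validateCertRequest(domain, altNames = []) {
  if (!Array.isArray(altNames)) throw new TypeError('altNames must be an array');
  if (altNames.length > MAX_ALT_NAMES) throw new RangeError('too many altNames');
  const primary = normalizeDnsName(domain);
  // The primary domain goes first; duplicates are dropped after normalization.
  const names = new Set([primary, ...altNames.map((n) => normalizeDnsName(n))]);
  return { domain: primary, altNames: [...names] };
}
```

The returned `altNames` always contains the primary domain, which matters because TLS clients match the host name against the SAN list.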