diff -urN /home/christian/mallory.tmp2/src/cert_auth.py src/cert_auth.py
--- /home/christian/mallory.tmp2/src/cert_auth.py 2014-12-17 00:13:00.000000000 +0100
+++ src/cert_auth.py 2014-12-30 20:49:14.000000000 +0100
@@ -63,9 +63,18 @@
 self.store_of_certs = {}
 if (not os.path.exists("ca/ca.cer")):
 self.ca_cert, self.ca_pkey = self.ca()
+ # from mitmproxy: netlib/certutils.py
+ # Dump the certificate in PEM format
 self.ca_cert_file = open ("ca/ca.cer","w")
 self.ca_cert_file.write(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, self.ca_cert))
 self.ca_cert_file.close()
+ # Dump the certificate in PKCS12 format for Windows devices
+ self.ca_cert_file = open ("ca/ca.p12","w")
+ p12 = OpenSSL.crypto.PKCS12()
+ p12.set_certificate(self.ca_cert)
+ p12.set_privatekey(self.ca_pkey)
+ self.ca_cert_file.write(p12.export())
+ self.ca_cert_file.close()
 self.ca_key_file = open ("ca/ca.key","w")
 self.ca_key_file.write(OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, self.ca_pkey))
 self.ca_key_file.close()
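Review bot: The new `ca/ca.p12` bundle includes the CA private key (`p12.set_privatekey(self.ca_pkey)`), is exported by `p12.export()` with no passphrase, and is written through a plain `open(...)` that sets no restrictive mode. Anyone who can read that file can sign certificates that devices trusting this CA will accept, so either pass a passphrase to `p12.export(...)` or create the file owner-only, e.g. via `os.open("ca/ca.p12", os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0600)`. The file is also opened in text mode `"w"` although PKCS#12 is binary; use `open("ca/ca.p12","wb")`, as the `htdocs/ca.p12` write later in this patch already does. The enclosing method starts before the hunk.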
@@ -74,6 +83,22 @@ open("ca/ca.cer","r").read()) self.ca_pkey = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, open("ca/ca.key","r").read()) + # used by http server in plugin_managers/plugin/deliver_certs.py + if (not os.path.exists("htdocs")): + os.mkdir("htdocs", 0755) + if (not os.path.exists("htdocs/ca.cer")): + # Dump the certificate in PEM format + self.ca_cert_file = open ("htdocs/ca.cer","w") + self.ca_cert_file.write(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, self.ca_cert)) + self.ca_cert_file.close() + # Dump the certificate in PKCS12 format for Windows devices + self.ca_cert_file = open ("htdocs/ca.p12","wb") + p12 = OpenSSL.crypto.PKCS12() + p12.set_certificate(self.ca_cert) + # p12.set_privatekey(self.ca_pkey) + # windows uses PEM format nowadays; p12 import asks for password which is empty. + self.ca_cert_file.write(p12.export()) + self.ca_cert_file.close() # from mitmproxy: netlib/certutils.py def create_ca(self, o, cn, exp): diff -urN /home/christian/mallory.tmp2/src/plugin_managers/http_plugin_manager.py src/plugin_managers/http_plugin_manager.py --- /home/christian/mallory.tmp2/src/plugin_managers/http_plugin_manager.py 2014-12-01 00:01:00.000000000 +0100 +++ src/plugin_managers/http_plugin_manager.py 2014-12-28 18:31:27.000000000 +0100 @@ -6,6 +6,7 @@ from plugin_managers import base from plugin.session_hijack import SessionHijack from plugin.spb_test import SpbTest +from plugin.deliver_certs import DeliverCerts from plugin.image_flip import ImageFlip from plugin.image_invert import ImageInvert 
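Review bot: The commented-out `# p12.set_privatekey(self.ca_pkey)` in the `htdocs/ca.p12` export is one uncomment away from publishing the CA private key, because `htdocs/` is the directory the DeliverCerts HTTP server serves. Delete the line and replace it with a comment such as `# public certificate only: never add the CA private key to anything under htdocs/`. Separately, the export is guarded only by `os.path.exists("htdocs/ca.cer")`, so the served files stay stale after the CA under `ca/` is regenerated, and a missing `htdocs/ca.p12` is not recreated; rewriting both files on every start would avoid that. Indentation is lost in this view, so which branch the added block sits in cannot be confirmed.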
@@ -30,6 +31,7 @@ plugs = [] plugs.append(SessionHijack ()) plugs.append(SpbTest()) + plugs.append(DeliverCerts()) plugs.append(ImageFlip()) plugs.append(ImageInvert()) diff -urN /home/christian/mallory.tmp2/src/plugin_managers/plugin/deliver_certs.py src/plugin_managers/plugin/deliver_certs.py --- /home/christian/mallory.tmp2/src/plugin_managers/plugin/deliver_certs.py 1970-01-01 01:00:00.000000000 +0100 +++ src/plugin_managers/plugin/deliver_certs.py 2014-12-30 23:07:37.000000000 +0100 @@ -0,0 +1,30 @@ +import socket +import config +import logging +from base import Base + + +from twisted.web.server import Site +from twisted.web.static import File +from twisted.internet import reactor + +class DeliverCerts (Base): + def __init__(self, rules = [], config = config.Config()): + Base.__init__(self) + self.persistent = 1 + self.log = logging.getLogger("mallorymain") + + def do (self, **kwargs): + #Do nothing on events, just listen on port 8080 + return kwargs + + + def runp (self): + #host = '10.42.0.1' + host='' + port = 8080 + # from http://twistedmatrix.com/documents/current/web/howto/web-in-60/static-content.html + resource = File('./htdocs/') + factory = Site(resource) + reactor.listenTCP(port, factory, interface=host) + reactor.run(installSignalHandlers=0) diff -urN /home/christian/mallory.tmp2/src/protocol/http.py src/protocol/http.py --- /home/christian/mallory.tmp2/src/protocol/http.py 2014-12-21 11:26:21.000000000 +0100 +++ src/protocol/http.py 2014-12-30 12:31:53.000000000 +0100 @@ -267,7 +267,7 @@ class Reader(_FileLike): - def read(self, length): + def read(self, length=-1): """ If length is -1, we read until connection closes. """ @@ -1027,7 +1027,7 @@ self._line_consumed = 1 self.read = self._file.read self.readline = self._file.readline - self.readlines = self._file.readlines + #self.readlines = self._file.readlines def read(self, amt=None): if self._line_consumed: 
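Review bot: `runp` binds the static file server with `host=''`, i.e. on every interface, and `DeliverCerts()` is appended to `plugs` unconditionally in http_plugin_manager.py, so each run exposes `./htdocs/` on port 8080 to any network the host is attached to. Take the bind address and port from configuration (the commented `#host = '10.42.0.1'` suggests a single interface was intended) and resolve `htdocs` to an absolute path, since `File('./htdocs/')` depends on the working directory and serves whatever ends up in that directory. In `__init__`, `rules = []` and `config = config.Config()` are evaluated once at definition time and neither is used; `def __init__(self, rules=None, config=None):` avoids the shared defaults. `import socket` is unused, and `runp` deserves a docstring stating that `reactor.run(installSignalHandlers=0)` blocks the calling thread.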
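Review bot: With `length=-1` as the new default in `Reader.read`, a caller that omits the argument reads until the peer closes the connection (the docstring states this for -1), and nothing visible in the hunk bounds how much is buffered. If the default exists only for file-like compatibility, say so in the docstring, e.g. `Omitting length (or passing -1) reads until the connection closes; callers handling untrusted peers should pass an explicit limit.` The method body lies outside the hunk, so whether a cap exists further down cannot be seen here.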
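Review bot: `readlines` is disabled by commenting it out rather than removing it, both the `#self.readlines = self._file.readlines` assignment in this hunk and the whole method in the following hunk (`@@ -1059,16 +1059,16 @@`), and no reason is recorded. Unless a base class supplies `readlines` (not visible here), any caller that still uses it on this wrapper will presumably fail with AttributeError. Delete the dead code and leave a single explanatory line in its place, e.g. `# readlines intentionally not provided: <reason>`, so the next maintainer does not simply re-enable it.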
@@ -1059,16 +1059,16 @@ self._done() return s - def readlines(self, size=None): - if self._line_consumed: - return self._file.readlines(size) - assert self._line_left - L = [self._line[self._line_offset:]] - self._done() - if size is None: - return L + self._file.readlines() - else: - return L + self._file.readlines(size) + #def readlines(self, size=None): + # if self._line_consumed: + # return self._file.readlines(size) + # assert self._line_left + # L = [self._line[self._line_offset:]] + # self._done() + # if size is None: + # return L + self._file.readlines() + # else: + # return L + self._file.readlines(size) class HTTPMessage(mimetools.Message):