User Supplied Root cert?

6 posts, 0 answers
  1. Justin
    Justin avatar
    2 posts
    Member since:
    Dec 2013

    Posted 04 Jun 2014 Link to this post

    HI, I came across the blog article below and I'm curious if there are any examples on how to use an existing cert vs the default "fiddler DO NOT TRUST".

    http://blogs.telerik.com/fiddler/posts/13-08-19/faq---certificates-in-fiddler
  2. Eric Lawrence
    Admin
    Eric Lawrence avatar
    833 posts

    Posted 05 Jun 2014 Link to this post

    Hi, Justin--

    Generally speaking, this is not a capability that Fiddler exposes. If you can elaborate on why specifically you wish to do this, I may be able to help.

    thanks,

    Regards,
    Eric Lawrence
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
  3. Justin
    Justin avatar
    2 posts
    Member since:
    Dec 2013

    Posted 06 Jun 2014 in reply to Eric Lawrence Link to this post

    Hi Eric,

    We're wanting to build an application that can intercept and modify https traffic before it reaches the final destination. Essentially, our client will use the web page as they normally would, except we want to use fiddler core to proxy this traffic and make modifications. We want to be able to deliver a cert other than the "DO_NOT_TRUST_FiddlerRoot "to the client so they can install on their users workstations.

    I'm happy to provide additional details of the specific use case and also need to inquire about a commercial license. Shall I contact support?

  4. Eric Lawrence
    Admin
    Eric Lawrence avatar
    833 posts

    Posted 09 Jun 2014 Link to this post

    Hi, Justin--

    Yes, sending an email to the support alias is the best way to inquire about commercial licenses and I can work through the certificate questions with you directly.

    (For what it's worth, there's no technical mechanism that prevents manually sharing a single "DO_NOT_TRUST_" root across multiple client PCs.)

    Regards,
    Eric Lawrence
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
  5. Joachim
    Joachim avatar
    1 posts
    Member since:
    Oct 2016

    Posted 10 Oct in reply to Justin Link to this post

    Hi,

    Justin said:Hi Eric,
    We want to be able to deliver a cert other than the "DO_NOT_TRUST_FiddlerRoot "to the client so they can install on their users workstations.

    is this possible by now?

     

    Regards

    Joachim

  6. Tsviatko Yovtchev
    Admin
    Tsviatko Yovtchev avatar
    408 posts

    Posted 17 Oct Link to this post

    Hi,

    This is still not available. You can start a new idea at https://fiddler.ideas.aha.io so that other users can vote for it too.

    Technically you can replace the certificate Fiddler will use by changing the values  of fiddler.certmaker.bc.key and fiddler.certmaker.bc.cert prefs. The problem is to get the prefs set to something BouncyCaslte can read in its PrivateKeyFactory and X509Certificate classes. Somebody here - https://groups.google.com/forum/#!topic/httpfiddler/23ikHCOAczs was able to do that using OpenSSL.

    Regards,
    Tsviatko Yovtchev
    Telerik by Progress
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Back to Top