ClassCertMaker
This class is used to find and create certificates for use in HTTPS interception. The default implementation (DefaultCertProvider object) uses the Windows Certificate store, but if a plugin ICertificateProvider is provided, it is used instead.
Definition
Namespace:Fiddler
Assembly:FiddlerCore.dll
Syntax:
public class CertMakerInheritance: objectCertMaker
Inherited Members
Constructors
CertMaker()
Declaration
public CertMaker()Fields
oCertProvider
Enables specification of a delegate certificate provider that generates certificates for HTTPS interception.
Declaration
public static ICertificateProvider oCertProviderField Value
Methods
ClearCertificateCache(bool, out CertificateStoreOperationStatus)
Removes Fiddler-generated certificates from the Windows certificate store
Declaration
public static bool ClearCertificateCache(bool bRemoveRoot, out CertificateStoreOperationStatus status)Parameters
bRemoveRoot
Indicates whether Root certificates should also be cleaned up
status
CertificateStoreOperationStatus
Status of add/remove operation to store
Returns
CreateRootCertificate()
Create a self-signed root certificate to use as the trust anchor for HTTPS interception certificate chains
Declaration
public static bool CreateRootCertificate()Returns
TRUE if successful
DoDispose()
Dispose of the Certificate Provider, if any.
Declaration
public static void DoDispose()EnsureReady()
Ensures that the Certificate Generator is ready; thread-safe
Declaration
public static void EnsureReady()FindCert(string)
Request a certificate with the specified SubjectCN
Declaration
public static X509Certificate2 FindCert(string sHostname)Parameters
sHostname
A string of the form: "www.hostname.com"
Returns
A certificate or /null/ if the certificate could not be found or created
GetCertProviderInfo()
Gets the name of the current certificate provider instance used to create Fiddler certificates
Declaration
public static string GetCertProviderInfo()Returns
The name and location of the certificate provider instance
GetRootCertificate()
Returns the Root certificate that Fiddler uses to generate per-site certificates used for HTTPS interception.
Declaration
public static X509Certificate2 GetRootCertificate()Returns
Returns the root certificate, if present, or null if the root certificate does not exist.
HasRootCertificate()
Checks if the current certificate provider has generated a Root certificate authority.
Declaration
public static bool HasRootCertificate()Returns
True if root certificate is valid and loaded
IsRootCertificateTrusted()
Is Fiddler's root certificate in the Root store?
IsRootCertificateTrustedMachine()
Is Fiddler's root certificate in the Machine Root store? This method works only on Windows platforms.
Declaration
public static bool IsRootCertificateTrustedMachine()Returns
TRUE if so
ReadRootCertificateAndPrivateKeyFromPkcs12File(string, string, string)
When this method is called, your extension should read the root certificate and its private key from the PKCS#12 file(.pfx | .p12).
Declaration
public static void ReadRootCertificateAndPrivateKeyFromPkcs12File(string filename, string password, string alias = null)Parameters
filename
The filename of the PKCS#12 file (.pfx | .p12).
password
The password which is used to protect the private key. Could be null or empty if the private key is not protected.
alias
The alias for the certificate and the private key. Could be null.
StoreCert(string, X509Certificate2)
Pre-cache a Certificate in the Certificate Maker that should be returned in subsequent calls to FindCert
Declaration
public static bool StoreCert(string sHost, X509Certificate2 oCert)Parameters
sHost
The hostname for which this certificate should be returned.
oCert
The X509Certificate2 with attached Private Key
Returns
TRUE if the Certificate Provider succeeded in pre-caching the certificate. FALSE if Provider doesn't support pre-caching. THROWS if supplied Certificate lacks Private Key.
StoreCert(string, string, string)
Pre-cache a Certificate in the Certificate Maker that should be returned in subsequent calls to FindCert
Declaration
public static void StoreCert(string sHost, string sPFXFilename, string sPFXPassword)Parameters
sHost
The hostname for which this certificate should be returned.
sPFXFilename
The filename of the PFX file containing the certificate and private key
sPFXPassword
The password for the PFX file
TrustRootCertificate()
Finds the Fiddler root certificate and prompts the user to add it to the user TRUSTED store. Note: The system certificate store is used by most applications (IE, Chrome, etc) but not all; for instance, Firefox uses its own certificate store.
Declaration
public static bool TrustRootCertificate()Returns
True if successful
TrustRootCertificateMachine()
Finds the Fiddler root certificate and prompts the user to add it to the machine TRUSTED store. Note: The system certificate store is used by most applications (IE, Chrome, etc) but not all; for instance, Firefox uses its own certificate store.
Declaration
public static bool TrustRootCertificateMachine()Returns
True if successful
WriteRootCertificateAndPrivateKeyToPkcs12File(string, string, string)
Save the root certificate and its private key to a PKCS#12 file(.pfx | .p12).
Declaration
public static void WriteRootCertificateAndPrivateKeyToPkcs12File(string filename, string password, string alias = null)Parameters
filename
The filename of the PKCS#12 file (.pfx | .p12).
password
The password which is used to protect the private key. If null or empty, the private key is written unprotected.
alias
The alias for the certificate and the private key. If null, a random alias could be created.
WriteRootCertificateToDerEncodedFile(string)
Save the root certificate excluding the private key to a DER encoded file(.cer | .crt | .der).
Declaration
public static void WriteRootCertificateToDerEncodedFile(string filename)Parameters
filename
The filename of the DER encoded file (.cer | .crt | .der)
createRootCert()
Create a self-signed root certificate to use as the trust anchor for HTTPS interception certificate chains
Declaration
[Obsolete("Please use CreateRootCertificate() instead")]
public static bool createRootCert()Returns
TRUE if successful
removeFiddlerGeneratedCerts(bool, out CertificateStoreOperationStatus)
Removes Fiddler-generated certificates from the Windows certificate store
Declaration
[Obsolete("Please use ClearCertificateCache(bool, out CertificateStoreOperationStatus) instead")]
public static bool removeFiddlerGeneratedCerts(bool bRemoveRoot, out CertificateStoreOperationStatus status)Parameters
bRemoveRoot
Indicates whether Root certificates should also be cleaned up
status
CertificateStoreOperationStatus
Status of add/remove operation to store
Returns
removeFiddlerGeneratedCerts(out CertificateStoreOperationStatus)
Removes Fiddler-generated certificates from the Windows certificate store
Declaration
[Obsolete("Please use ClearCertificateCache(true, out CertificateStoreOperationStatus) instead")]
public static bool removeFiddlerGeneratedCerts(out CertificateStoreOperationStatus status)Parameters
status
Returns
rootCertExists()
Determine if the self-signed root certificate exists
Declaration
[Obsolete("Please use HasRootCertificate() instead.")]
public static bool rootCertExists()Returns
True if the Root certificate returned from GetRootCertificate() is non-null, False otherwise.
rootCertIsMachineTrusted()
Is Fiddler's root certificate in the Machine Root store? This method works only on Windows platforms.
Declaration
[Obsolete("Please use IsRootCertificateTrustedMachine() instead")]
public static bool rootCertIsMachineTrusted()Returns
TRUE if so
rootCertIsTrusted()
Is Fiddler's root certificate in the Root store?
Declaration
[Obsolete("Please use IsRootCertificateTrusted() instead")]
public static bool rootCertIsTrusted()Returns
TRUE if so
trustRootCert()
Finds the Fiddler root certificate and prompts the user to add it to the TRUSTED store. Note: The system certificate store is used by most applications (IE, Chrome, etc) but not all; for instance, Firefox uses its own certificate store.
Declaration
[Obsolete("Please use TrustRootCertificate() instead")]
public static bool trustRootCert()Returns
True if successful
trustRootCertMachine()
Finds the Fiddler root certificate and prompts the user to add it to the machine TRUSTED store. Note: The system certificate store is used by most applications (IE, Chrome, etc) but not all; for instance, Firefox uses its own certificate store.
Declaration
[Obsolete("Please use TrustRootCertificateMachine() instead")]
public static bool trustRootCertMachine()Returns
True if successful