This is a migrated thread and some comments may be shown as answers.

Custom SSL cert for !listen reverse proxy

1 Answer 47 Views
This is a migrated thread and some comments may be shown as answers.
Top achievements
Rank 1
D asked on 05 Apr 2017, 05:33 PM

I am setting up a reverse proxy, and I've got everything working except the correct SSL cert. When I try to do the following:


    static function Main() {
        var today: Date = new Date();
        FiddlerObject.StatusText = " CustomRules.js was loaded at: " + today;

        FiddlerObject.log("Main - Start StoreCerts");
         var oCert = new System.Security.Cryptography.X509Certificates
            .X509Certificate2("C:\\temp\\geotrust.pfx", "*****");
        FiddlerObject.log("FriendlyName: " + oCert.FriendlyName);
        FiddlerObject.log("Issuer: " + oCert.Issuer);
        FiddlerObject.log("PrivateKey: " + oCert.HasPrivateKey.ToString());
        FiddlerObject.log("Subject: " + oCert.Subject);
        CertMaker.StoreCert("", oCert);
        FiddlerObject.log("Main - End StoreCerts");
        var test = CertMaker.FindCert("")
        FiddlerObject.log("FriendlyName: " + test.FriendlyName);
        FiddlerObject.log("Issuer: " + test.Issuer);

The output I get is this:


17:25:45:1722 Main - Start StoreCerts
17:25:45:1722 FriendlyName: GeoTrustCP
17:25:45:1722 Issuer: CN=GeoTrust SSL CA - G3, O=GeoTrust Inc., C=US
17:25:45:1722 PrivateKey: True
17:25:45:1722 Subject: CN=*, O=Case Pacer LLC, L=Indianapolis, S=Indiana, C=US
17:25:45:1722 Assembly 'C:\Program Files (x86)\Fiddler2\CertMaker.dll' was not found. Using default Certificate Generator.
17:25:45:1722 /Fiddler.CertMaker> Using .‰+˜ for certificate generation; UseWildcards=True.
17:25:45:1722 Main - End StoreCerts
17:25:45:1722 FriendlyName:
17:25:45:1722 Issuer: CN=DO_NOT_TRUST_FiddlerRoot, O=DO_NOT_TRUST, OU=Created by


I added the loggers so that I could verify that it was correctly reading the cert (which it is), and that it has the private key (which it does). This is the same key I'm using on my IIS instance on the same machine, so I know it works. However, when I try to connect, or as you can see in the script when I tell it to FindCert(), It gets the DO_NOT_TRUST cert instead of the one I'm trying to add/specify.

I've even tried deleting the DO_NOT_TRUST certs, but it just recreates them. Why won't it use the cert I'm loading?

Thanks in advance,


1 Answer, 1 is accepted

Sort by
Top achievements
Rank 1
answered on 05 Apr 2017, 05:54 PM

Problem solved...I needed to specify the wildcard name in the StoreCert() command:

        CertMaker.StoreCert("*", oCert);


That solved the problem completely!

Asked by
Top achievements
Rank 1
Answers by
Top achievements
Rank 1
Share this question