(HTTPS)Cannot view the encrypted sessions, butI have installed the certificate

1 Answer 98 Views
FiddlerCore Windows
z
Top achievements
Rank 1
z asked on 18 Nov 2022, 01:28 PM | edited on 18 Nov 2022, 01:28 PM

When I tried to install the certificate with this function, it popped up and installed the certificate, but still reminded me when I tried to decrypt the https traffic
"To view the encrypted sessions inside this tunnel, enable the Tools > Options > HTTPS > Decrypt HTTPS traffic option."


public static bool InstallCertificate()
        {
            if (!CertMaker.rootCertExists())
            {
                if (!CertMaker.createRootCert())
                    return false;

                if (!CertMaker.trustRootCert())
                    return false;
            }

            return true;
        }


 

Is it because of this function? What should I do, please help me...

 

 

1 Answer, 1 is accepted

Sort by
0
Nick Iliev
Telerik team
answered on 18 Nov 2022, 03:28 PM

Hi Z C,

 

Fiddler Classic provides a built-in UI for installing and trusting the root certificate (Fiddler Classic menu > Tools > Options > HTTPS > Actions), so you can use it instead of trying to install the certificate through FiddlerScript.

Regards,
Nick Iliev
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

z
Top achievements
Rank 1
commented on 19 Nov 2022, 08:42 AM | edited

 

How can I use it in my program? I modified it according to the doc. I applied the following configuration at startup, but it still doesn't decrypt https traffic

            FiddlerApplication.AfterSessionComplete += FD_AfterSessionComplete;
            BCCertMaker.BCCertMaker certProvider = new BCCertMaker.BCCertMaker();
            CertMaker.oCertProvider = certProvider;
            FiddlerCoreStartupSettings settings = new FiddlerCoreStartupSettingsBuilder()
                    .ListenOnPort(8866)
                    .DecryptSSL()
                    .RegisterAsSystemProxy()
                    .Build();

Nick Iliev
Telerik team
commented on 22 Nov 2022, 06:44 AM

FiddlerCore installs the certificate as a user CA in the OS certificate manager. That said, once the certificate is installed and trusted, it should be automatically used by all applications using the OS certificate manager and not restricted to using users' CAs. So that said, if your application's traffic is not showing up decrypted in the captured traffic, the application probably has a security configuration that explicitly prevents that from happening.
Tags
FiddlerCore Windows
Asked by
z
Top achievements
Rank 1
Answers by
Nick Iliev
Telerik team
Share this question
or