ServicePointManager.CheckCertificateRevocationList = true with fiddler https decryption causes failures

Fiddler Classic FiddlerCore
Chris asked on 07 Oct 2022, 09:03 PM

Within a .NET application, when CheckCertificateRevocationList is set, SSL connections can no longer be made while Fiddler is running.

An example:

ServicePointManager.CheckCertificateRevocationList = true;
WebRequest request = WebRequest.Create("https://www.google.com");
var response = await request.GetResponseAsync();

This fails with

The remote certificate is invalid according to the validation procedure.

 

If I register a validation callback (ServicePointManager.ServerCertificateValidationCallback) to see what is going on, I see

SSLPolicyErrors = RemoteCertificateChainErrors

When looking at the X509Chain I see "The revocation function was unable to check revocation for the certificate.\r\n"

Some other threads on Stack Overflow indicated this may be due to no revocation list being attached to the Fiddler root certificates.

So I was wondering if anyone was able to get Fiddler to work with CheckCertificateRevocationList = true. I know I can disable it, but that would not be good for security. I also could, in the handler, allow Fiddler certificates, but I was hoping there was a way to generate the Fiddler certificates in a way that worked with that setting.
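
The handler option mentioned in the question, as an added example that is not part of the original post or Fiddler's own code: a validation callback that keeps CheckCertificateRevocationList on and tolerates only the "unable to check revocation" status, and only when the chain ends at a pinned Fiddler root. The class name and the thumbprint placeholder are assumptions; substitute the thumbprint of the root certificate generated on the debugging machine.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper class; not part of Fiddler or the original post.
static class FiddlerAwareValidation
{
    // Assumption: placeholder for the SHA-1 thumbprint of the local Fiddler root certificate.
    const string PinnedFiddlerRootThumbprint = "<FIDDLER-ROOT-THUMBPRINT>";

    // Flags that mean "revocation could not be checked", as opposed to Revoked.
    const X509ChainStatusFlags RevocationUnknown =
        X509ChainStatusFlags.RevocationStatusUnknown | X509ChainStatusFlags.OfflineRevocation;

    public static bool Validate(object sender, X509Certificate certificate,
                                X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None) return true;   // ordinary chains are unaffected

        // A name mismatch or a missing certificate stays fatal.
        if (errors != SslPolicyErrors.RemoteCertificateChainErrors || chain == null) return false;
        if (chain.ChainElements.Count == 0) return false;

        // Collect every status the chain engine reported.
        X509ChainStatusFlags all = X509ChainStatusFlags.NoError;
        foreach (X509ChainStatus status in chain.ChainStatus) all |= status.Status;

        // Anything besides "revocation unknown" (Revoked, UntrustedRoot, NotTimeValid, ...) is rejected.
        if (all == X509ChainStatusFlags.NoError || (all & ~RevocationUnknown) != 0) return false;

        // Tolerate the gap only for chains that end at the pinned Fiddler root.
        X509Certificate2 root = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
        return string.Equals(root.Thumbprint, PinnedFiddlerRootThumbprint,
                             StringComparison.OrdinalIgnoreCase);
    }

    public static void Install()
    {
        ServicePointManager.CheckCertificateRevocationList = true;   // keep revocation checking on
        ServicePointManager.ServerCertificateValidationCallback = Validate;
    }
}
```

Calling Install() only in debug builds keeps the exception out of production, where a chain ending at an interception root should fail.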

 

1 Answer, 1 is accepted

Nick Iliev
Telerik team
answered on 12 Oct 2022, 06:20 AM

Hello Chris,

Check this GitHub thread where possible solutions are discussed. The mentioned CertMaker add-on can be downloaded from here.

Regards,
Nick Iliev
Progress Telerik

