Hello,
Is it possible to install a official certificate (like a purshased VeriSign certificate) instead of the auto generated certifcate by fiddler ?
Thanks
Pascal
1 Answer, 1 is accepted
0
Eric Lawrence
Telerik team
answered on 14 Jul 2014, 08:15 PM
Hello, Pascal--
VeriSign will not sell you a "root" or "CA" certificate that can sign other certificates (which is what Fiddler uses to intercept traffic). They will sell you an "end-entity" or "server" certificate, which is used by a single server.
If you buy such a certificate and thus have its private key, then yes, you are able to use that certificate for that specific server. To do so, click Rules > Customize Rules > Scroll to OnBoot, and add the following
// Connections to https://example.com will use the cert in cert.pfx
CertMaker.StoreCert("example.com", "C:\\temp\\cert.pfx", "TopSecretPassword");
Having said that, this is generally not a very good idea, because it means that your super-sensitive private key is getting stored on a relatively low-trust developer machine. Generally, you should only ever install a publicly-trusted certificate on a protected and properly-configured front-end server.
Regards,
Eric Lawrence
Telerik
Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.