This is a migrated thread and some comments may be shown as answers.

What exactly is the task "Respond to requests requiring a client certificate" doing?

1 Answer 53 Views
Fiddler Classic
This is a migrated thread and some comments may be shown as answers.
Blake
Top achievements
Rank 1
Blake asked on 02 Jul 2014, 07:52 PM
So I have recently been struggling to get my .NET client working with mutual authentication. In the process of debugging with Fiddler, I noticed that if I make my public cert available to Fiddler, it adds it to the response I get from the server, and I am able to successfully complete my next request(instead of HTTP 401).

So my question is, what is the purpose of this functionality? Has someone experienced something similar?

1 Answer, 1 is accepted

Sort by
0
Eric Lawrence
Telerik team
answered on 07 Jul 2014, 02:41 PM
Hi, Blake--

Can you please elaborate on what exactly you're hoping to accomplish and what problem you're having?

Client Certificates allow a client application to authenticate to a server over a HTTPS connection without using a traditional username/password. You can configure Fiddler to use a client certificate to respond to a server's authentication challenges; if you want to use Fiddler when contacting a HTTPS server that requires a client certificate, you MUST configure Fiddler with the client certificate because otherwise the authentication process will fail (mutual authentication breaks MITM attacks).

I suspect you might really be saying: "My .NET code isn't working, but if I use Fiddler to do client certificate authentication it works fine. How can I fix my .NET code?" If that's the case, please share your code.

Regards,
Eric Lawrence
Telerik
 

Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

 
Tags
Fiddler Classic
Asked by
Blake
Top achievements
Rank 1
Answers by
Eric Lawrence
Telerik team
Share this question
or