Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
491 views
in Technique[技术] by (71.8m points)

https - Making fiddler work with chrome

I want to use fiddler to monitor api calls made by my browser when it visits some pages.

The technology - Fiddler 4.6x, Chrome 56, Firefox 51, Windows 7 64 bit.

The problem - Fiddler does not work with chrome. When I open any page on chrome, I get the error "Your connection is not private: Attackers might be trying to steal your information from website (for example, passwords, messages, or credit cards). NET::ERR_CERT_AUTHORITY_INVALID". FYI, I easily fixed a similar issue with firefox.

Solutions I tried that failed - Four hours of google and stack overflow did not give me any solutions.

  1. Convert the fiddler cert to pk 7 ??? format.

  2. Import fiddler cert into chrome. Also, grant the cert all kinds of advanced permissions.

  3. Install the fiddler cert with admin rights on windows, by "running" it.

  4. Run chrome and ignore cert errors.

  5. Regenerating the fiddler cert and restarting fiddler and browsers as given in the official fiddler book.

In 2,3 the cert never appeared in trusted cert store, but appeared in personal and immediate cert store. In 1, nothing even happened. Please tell me how I can make this work. Any links to the basics of all this would help.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

I was facing similar issue with Fiddler v4.6 and followed these steps:

Fiddler 4.6.1.5+

  • Click Tools > Fiddler Options.
  • Click the HTTPS tab.
  • Ensure that the text says Certificates generated by CertEnroll engine.
  • Click Actions > Reset Certificates. This may take a minute.
  • Accept all prompts

Fiddler 4.6.1.4 and earlier

  • Click Tools > Fiddler Options.
  • Click the HTTPS tab
  • Uncheck the Decrypt HTTPS traffic checkbox
  • Click the Remove Interception Certificates button. This may take a minute.
  • Accept all of the prompts that appear (e.g. Do you want to delete these certificates, etc)
  • (Optional) Click the Fiddler.DefaultCertificateProvider link and verify that the dropdown is set to CertEnroll
  • Exit and restart Fiddler
  • Click Tools > Fiddler Options.
  • Click the HTTPS tab
  • Re-check the Decrypt HTTPS traffic checkbox
  • Accept all of the prompts that appear (e.g. Do you want to trust this root certificate)

Reference: https://textslashplain.com/2015/10/30/reset-fiddlers-https-certificates/


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...