Questions Linux Laravel Mysql Ubuntu Git Menu

HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin

How do you remove the root CA certificate that fiddler installs

Tags:

certificate

ssl

fiddler

Fiddler helpfully offers to add a unique root CA certificate to intercept HTTPS traffic.

Once this certificate has been added, how do you go about removing it?

enter image description here

like image

786

asked May 30 '13 04:05

muzzamo

People also ask

Is it safe to install Fiddler root certificate?

No it's not safe, and yes you should remove it. The entire point of it is to break the security of SSL for debugging convenience. It even has "DO_NOT_TRUST" in its name, for a good reason.

2 Answers

Either of two ways:

1) Disable HTTPS decryption and click the button titled "Remove Interception Certificates"

fiddler options dialog

2) Open CertMgr.msc, open the Personal and Trusted Stores, and use the Delete key on the root.

like image

96

answered Sep 22 '22 17:09

EricLaw

Since Fiddler 4.6.1.5 the GUI is a bit different.

Fiddler Options

Go to Tools -> Fiddler Options -> HTTPS. Then click the "Actions" button and then "Reset All Certificates"

It will popup a message that it could take a while but it's really quick. Approve all popups and there you go.

Pay attention not to re-approve the certificate again (when I did it the message for approving the certificates popped up when I finished to approve all the popups.)

like image

40

answered Sep 19 '22 17:09

Eyal Abir

Sign in to Comment

Related questions
                            
                                How to add SSL certificate to AWS EC2 with the help of new AWS Certificate Manager service
                            
                                What does force_ssl do in Rails?
                            
                                The author primary signature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain
                            
                                Find out what resources are not going over HTTPS
                            
                                iOS 11: ATS (App Transport Security) no longer accepts custom anchor certs?
                            
                                Can you use a service worker with a self-signed certificate?
                            
                                Difference between SSL & TLS
                            
                                what is the difference between .cer & pfx file [closed]
                            
                                Caused by: java.security.UnrecoverableKeyException: Cannot recover key
                            
                                Using psql to connect to PostgreSQL in SSL mode
                            
                                Adding a self-signed certificate to iphone Simulator?
                            
                                How to create .pem files for https web server
                            
                                OpenSSL hangs during PKCS12 export with "Loading 'screen' into random state"
                            
                                SSL and man-in-the-middle misunderstanding
                            
                                Add Self Signed Certificate without promting Yes/No from User
                            
                                HAProxy redirecting http to https (ssl)
                            
                                What RSA key length should I use for my SSL certificates?
                            
                                Https Connection Android
                            
                                How to extract CN from X509Certificate in Java?
                            
                                Docker container SSL certificates

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With