Using custom root with FiddlerCore

Question

Is it possible to use a custom root CA for FiddlerCore to intercept HTTPS traffic.

What I need is assigning a certificate to be used to to sign all host certificates.

Another solution can be supplying certificate information to FiddlerCore before creating root certificate.

Answer 1

FiddlerApplication.Startup(9999, FiddlerCoreStartupFlags.DecryptSSL);
var path = Path.GetDirectoryName(Assembly.GetCallingAssembly().Location) + @"\sslcertificate.pfx";
var secureEndpoint = FiddlerApplication.CreateProxyEndpoint(443, true, new X509Certificate2(path, "password"));

You can create your own certificate using Visual Studio tools, however, I used this free program to create a test one cause I am lazy: http://www.xenossoftware.com/freetools/certificategenerator/

If the certificate is installed on the machine, I believe you can also do the same thing using the X509Store class.

Here is some code to do this (not tested):

FiddlerApplication.Startup(9999, FiddlerCoreStartupFlags.DecryptSSL);
var store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
try
{

    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

    var x509Certificate2 = store.Certificates.Find(X509FindType.FindBySubjectName, "YourSSLCertificateName", true)[0];

    secureEndpoint = FiddlerApplication.CreateProxyEndpoint(443, true, x509Certificate2);

}
finally
{
    store.Close();
}

Answer 2

FiddlerCore does not currently offer the ability to customize the information contained in its self-signed root. It will generate all end-entity certificates chained to the root named DO_NOT_TRUST_FiddlerRoot.

Can you elaborate on why you seek this capability?