 

Why won't Fiddler install my certificate on Windows 8? - unable to configure Windows to trust Fiddler Root certificate

I have an application which is making calls to Twitter and I need to inspect the traffic so that I can learn more about OAuth.

When I double click the SSL traffic I get a yellow box which prompts me to go and change the options (by the way I am running my app through a proxy).

[image]

After having read about using a certificate on my machine which Fiddler creates, I have clicked the link to let Fiddler install certificates on my machine by following these instructions...

http://docs.telerik.com/fiddler/configure-fiddler/tasks/configurefiddlerforwin8

However instead of this happening...

[image]

I get this error message...

"unable to configure windows to trust Fiddler Root certificate" here is a screen shot....

[image]

When I checked the logs as suggested (although it is confusing as I thought the log was to do with each individual request), anyway I saw this...

[image]

I have even tried installing the certificate manually to no avail. Hope someone can help me get Fiddler/SSL decryption working with Windows 8! :-)

UPDATE: In response to Eric's questions in the answer below...

Hi Eric thanks for replying.

1) A box popped up saying 'Certificate Trust' this is the box I have taken a screen shot of above. It was the box that told me to check the log.

2) I have an account and when I check my users it says I am an Administrator underneath my username.

3) I have tried to run Fiddler as an Administrator to no avail.

I also tried to drag and drop the certificate manually into the certmgr.msc tool and it comes up with a little round cursor with a line through it. Sounds like permissions but I just can't see why as I have full everything....

like image 341
Exitos asked Feb 14 '14 16:02


2 Answers

I finally found a way to work around cases where group policy tries to limit who you can trust.

METHOD 1

  1. Go into the Fiddler HTTPS options and export the root cert to your desktop.
  2. Open up mmc.exe and add in the certificate widgets for Local Computer.
  3. Import the Fiddler certificate into the Third-Party Root Certificate Store.
  4. Go ahead and use Fiddler and see it generate new certs and watch your system trust them.

[image: importing cert into Local Computer Third-Party Root store]

METHOD 2

Run afoul and bypass an intentional security control.

  1. reg delete HKLM\Software\Policies\Microsoft\SystemCertificates\Root\ProtectedRoots /f
  2. Go back into Fiddler HTTP options, and toggle Decrypt HTTPS traffic off and on again. Press okay to install the cert in the usual way.
  3. Maybe run a gpupdate /force to get your setting back to the way your admins intended.

For insight, the problem group policy settings may look something like this:

[image: anti-cert import group policy]

If you have any Flags value in your registry under HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\SystemCertificates\Root\ProtectedRoots, this lock-down is probably in effect.

@EricLaw - Are you up for maybe changing Fiddler to try to import into the third-party store by default? It seems like the "third-party store" may be less subject to lockdown.

This is the best write-up of the third-party store I've seen: http://kreelbits.blogspot.com/2014/02/whats-purpose-of-users-third-party-root.html

like image 67
Gabe answered Oct 11 '22 15:10
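A read-only PowerShell check for the lockdown described in the answer above, added here as an example and not part of either answer or of Fiddler: it reports the ProtectedRoots Flags policy value and lists every root store in which a matching certificate is currently trusted. The function names and the `*Fiddler*` subject filter are assumptions; adjust the filter to the subject shown on the exported root certificate.

```powershell
# Added example (not from the answers on this page). Read-only: it changes nothing.
$PolicyKey = 'HKLM:\Software\Policies\Microsoft\SystemCertificates\Root\ProtectedRoots'

function Get-ProtectedRootsPolicy {
    # Returns the Flags value under the policy key named in the answer, or $null if unset.
    $item = Get-ItemProperty -Path $PolicyKey -Name Flags -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.Flags
}

function Find-RootCertificate {
    # Assumption: the interception root's subject contains "Fiddler".
    param([string]$SubjectLike = '*Fiddler*')

    # AuthRoot is the store the MMC snap-in shows as "Third-Party Root Certification Authorities".
    $stores = [ordered]@{
        'Cert:\CurrentUser\Root'       = 'Current User / Trusted Root'
        'Cert:\CurrentUser\AuthRoot'   = 'Current User / Third-Party Root'
        'Cert:\LocalMachine\Root'      = 'Local Computer / Trusted Root'
        'Cert:\LocalMachine\AuthRoot'  = 'Local Computer / Third-Party Root'
    }
    foreach ($entry in $stores.GetEnumerator()) {
        Get-ChildItem -Path $entry.Key -ErrorAction SilentlyContinue |
            Where-Object { $_.Subject -like $SubjectLike } |
            ForEach-Object {
                [pscustomobject]@{
                    Store      = $entry.Value
                    Subject    = $_.Subject
                    Thumbprint = $_.Thumbprint
                    NotAfter   = $_.NotAfter
                }
            }
    }
}

$flags = Get-ProtectedRootsPolicy
if ($null -eq $flags) {
    'ProtectedRoots policy: no Flags value set'
} else {
    'ProtectedRoots policy: Flags = 0x{0:X}' -f $flags
    # Bit 0x1 is CERT_PROT_ROOT_DISABLE_CURRENT_USER_FLAG in wincrypt.h.
    if ($flags -band 0x1) { '  Current User root trust is disabled by policy' }
}
Find-RootCertificate | Format-Table -AutoSize
```

Running it again after a debugging session shows whether an interception root is still trusted anywhere on the machine, which matters because anyone holding that root's private key can mint certificates the system will accept.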


I managed to solve a similar problem I was having (in Windows 7) by following the instructions here: http://casualtechs.blogspot.com.au/2010/06/problem-when-trying-to-import.html (with the only difference being that we want to add the Fiddler certificate to "Trusted Root Certification Authorities -> Local Computer" instead of the "Trusted Publishers" that is mentioned on that site). My modified steps were:

  1. Obtain the Fiddler root certificate from the "fiddler options" -> "Https" -> "Export root certificate to desktop" menu
  2. Open the certificate (double click on it)
  3. Click on the Install certificate button
  4. Click the "Next" button
  5. Select "Place all certificates in the following store"
  6. Click the "Browse" button
  7. Tick the "Show physical stores" checkbox
  8. Expand the "Trusted Root Certification Authorities" folder
  9. Click "Local Computer"
  10. Click the "OK" button.
  11. Click the "Next" button, then click the "Finish" button

Basically the bit I was missing when trying to import the Fiddler Root certificate was to drill down into the "Local Computer" folder underneath the "Trusted Root Certification Authorities" folder. You will have to make sure that the "Show physical stores" checkbox is ticked as shown below:

[image: Tick "Show physical stores"]

like image 28
cosjav answered Oct 11 '22 14:10