Is there a way to add fiddler certificates for https decryption that will work across various users on a machine?
252 views
Skip to first unread message
NE
Apr 8, 2011, 1:17:22 PM4/8/11
to Fiddler
Is there a way to add fiddler certificates for https decryption that
will work across various users on a machine? Or is it always user
specific?
will work across various users on a machine? Or is it always user
specific?
EricLaw
Apr 10, 2011, 12:34:41 AM4/10/11
to Fiddler
Are you trying to run Fiddler in multiple user accounts? Or just
trying to make it so Fiddler running in Account A is trusted by
Account B?
Assuming the latter, in AccountB, visit http://127.0.0.1:8888/FiddlerRoot.cer
and save the file to your desktop, then Import into the Trusted Root
store.
trying to make it so Fiddler running in Account A is trusted by
Account B?
Assuming the latter, in AccountB, visit http://127.0.0.1:8888/FiddlerRoot.cer
and save the file to your desktop, then Import into the Trusted Root
store.
NE
Apr 11, 2011, 10:05:58 PM4/11/11
to Fiddler
Thanks for the response. I'm trying to setup the machine one time with
fiddler certificates installed so that any user who logs on can run
https scenarios and get the output. from you response it sounds like
each user may need to import the cerrtificate or can it be done once
for all?
On Apr 9, 9:34 pm, EricLaw <bay...@gmail.com> wrote:
> Are you trying to run Fiddler in multiple user accounts? Or just
> trying to make it so Fiddler running in Account A is trusted by
> Account B?
>
> Assuming the latter, in AccountB, visithttp://127.0.0.1:8888/FiddlerRoot.cer
>
> - Show quoted text -
fiddler certificates installed so that any user who logs on can run
https scenarios and get the output. from you response it sounds like
each user may need to import the cerrtificate or can it be done once
for all?
On Apr 9, 9:34 pm, EricLaw <bay...@gmail.com> wrote:
> Are you trying to run Fiddler in multiple user accounts? Or just
> trying to make it so Fiddler running in Account A is trusted by
> Account B?
>
> and save the file to your desktop, then Import into the Trusted Root
> store.
>
> On Apr 8, 10:17 am, NE <natalie.ea...@gmail.com> wrote:
>
>
>
> > Is there a way to add fiddler certificates for https decryption that
> > will work across various users on a machine? Or is it always user
> > specific?- Hide quoted text -
> store.
>
> On Apr 8, 10:17 am, NE <natalie.ea...@gmail.com> wrote:
>
>
>
> > Is there a way to add fiddler certificates for https decryption that
> > will work across various users on a machine? Or is it always user
>
> - Show quoted text -
EricLaw
Apr 12, 2011, 12:42:52 AM4/12/11
to Fiddler
You can copy the Fiddler root certificate into the machine's Trusted
Root store (using mmc.exe to load the MACHINE's copy of certmgr.msc)
but that likely won't do exactly what you want because it sounds like
you imagine you'd run the Fiddler instance within each user's account
rather than just having one instance run centrally? That would be
problematic because when it's actually re-signing the traffic,
Fiddler's looking in the user's personal store for the root
certificate to use. I could easily change Fiddler to look in the
machine store first, although I'm not sure what the implications would
be for the private key's accessibility.
You'd probably be better off just having the user enable HTTPS
decryption themselves. If the goal is to simply capture traffic, you
can use FiddlerCap (fiddlercap.com) and the HTTPS option is right on
the home screen.
-Eric
> > - Show quoted text -- Hide quoted text -
Root store (using mmc.exe to load the MACHINE's copy of certmgr.msc)
but that likely won't do exactly what you want because it sounds like
you imagine you'd run the Fiddler instance within each user's account
rather than just having one instance run centrally? That would be
problematic because when it's actually re-signing the traffic,
Fiddler's looking in the user's personal store for the root
certificate to use. I could easily change Fiddler to look in the
machine store first, although I'm not sure what the implications would
be for the private key's accessibility.
You'd probably be better off just having the user enable HTTPS
decryption themselves. If the goal is to simply capture traffic, you
can use FiddlerCap (fiddlercap.com) and the HTTPS option is right on
the home screen.
-Eric
Reply all
Reply to author
Forward
0 new messages