0

I have a site example.com that I am currently intercepting https traffic for and pointing it to my local server using fiddler. I would like to take fiddler out of the equation by installing the site's certificate that is generated by fiddler on my local server and modifying my HOSTS file. How can I export the key and the cert for this site? I've looked in certlm, and tried exporting the cert from google chrome.

PGBRULES
  • 1
  • 1
    Fiddler creates the certificates on dynamically based on the original servers certificate. These are not supposed to be used elsewhere and might not even be saved. If you want to emulate example.com on your own server just create a self-signed certificate for example.com and add it as trusted to your browser. – Steffen Ullrich Jan 08 '22 at 21:49
  • As far as I remember all site certificates created by Fiddler can be viewed in the Windows certificate manager `certmgr.msc` (in the personal certificate store). But I have never tried to export one of them so I don't know if the private key is available and exportable. – Robert Jan 08 '22 at 21:54
  • @Robert , Only the root certificate generated by fiddler is visible in certmgr for me. – PGBRULES Jan 08 '22 at 22:06
  • Strange I do remember all those DO_NOT_TRUST... certificates generated by Fiddler (classic) may be you are using Fiddler everywhere? – Robert Jan 08 '22 at 23:05
  • @Robert, I am using fiddler classic, I'll try fiddler everywhere! Thank you for your help. – PGBRULES Jan 08 '22 at 23:30
  • I am only using Fiddler Classic. But it seems that one of the last versions for Fiddler had changed the certificate storage behavior because I do remember that older versions wer storing dozen and dozen of certificates in Windows personal certificate storage. Now I can only find the root and intermediate CA certificates when searching the whole certificate store. – Robert Jan 09 '22 at 10:55

0 Answers0