80

I have Fiddler installed on my machine. I have installed the Fiddler Root Certificate to decrypt HTTPS traffic, but it only works in FF and IE, not in chrome. Chrome does not trust Fiddler's certificate and does not allow me to connect to any tunneled connections.

I tried looking on Fiddler2.com's page for a plugin but I don't see anyhing.

Citronex
  • 1,007
  • 2
  • 8
  • 14
  • What specifically did you end up doing? By default, Chrome respects the same Windows-wide certificate store used by IE. Firefox has its own store and requires manual configuration. – EricLaw Apr 24 '13 at 21:52
  • When attempting to import your cert in the "Manage Certificates" modal, are you on the "Authorities" tab? (I started out trying to import my cert in the "Your Certificates" tab, but that failed repeatedly. You need to be in the "Authorites" tab.) – JellicleCat Aug 20 '13 at 15:25

5 Answers5

170

I updated Fiddler and ran into a similar issue. This fixed it for me: http://textslashplain.com/2015/10/30/reset-fiddlers-https-certificates/

Fiddler 1.3.0+ (This is the new build and comes after 4.6.1.5+)

  • Click Settings (the cog in the top right hand corner).
  • Select the HTTPS tab from the left hand panel
  • Click Trust root certificate
  • Accept all prompts
  • You may need to restart Fiddler

Fiddler 4.6.1.5+

  • Click Tools > Options.

  • Click the HTTPS tab.

  • Ensure that the text says Certificates generated by CertEnroll engine.

    (Note: You may notice that it's not possible to change the engine from MakeCert to CertEnroll, in such case restart Fiddler and start from the beginning, it should show CertEnroll then.)

  • Click Actions > Reset All Certificates. This may take a minute.

  • Accept all prompts (to remove and re-add certificates)

Fiddler 4.6.1.4 and earlier

  • Click Tools > Options.
  • Click the HTTPS tab.
  • Uncheck the Decrypt HTTPS traffic checkbox.
  • Click the Remove Interception Certificates button. This may take a minute.
  • Accept all of the prompts that appear (e.g. Do you want to delete these certificates, etc.)
  • (Optional) Click the Fiddler.DefaultCertificateProvider link and verify that the dropdown is set to CertEnroll.
  • Exit and restart Fiddler.
  • Click Tools > Options.
  • Click the HTTPS tab.
  • Re-check the Decrypt HTTPS traffic checkbox.
  • Accept all of the prompts that appear (e.g. Do you want to trust this root certificate)

I think this is probably just one of many potential solutions for this, but it's coming up as one of the top search results for "your connection is not private fiddler" so I'll add it. Hopefully it'll help anyone else who comes across it.

NOTE: A few people have commented that they needed to restart Fiddler after running the above.

Chris Owens
  • 5,076
  • 12
  • 61
  • 131
  • 13
    These instructions worked perfectly for me. Thanks so much! – TrueEddie Nov 24 '15 at 15:25
  • @TrueEddie No worries! – Chris Owens Nov 26 '15 at 07:17
  • 1
    Worked for me also. Thank you. – Ionut Negru Feb 02 '16 at 08:17
  • 1
    This worked for me. Just followed the instructions and it worked just fine – Marcello Grechi Lins Jul 04 '16 at 19:37
  • @Chris - Hi Chris ! I can't make this work in my current setup. Can you please help me here - http://stackoverflow.com/questions/41902367/making-fiddler-work-with-chrome – MasterJoe Jan 31 '17 at 18:27
  • This worked for me *only* after I uninstalled Fiddler and reinstalled it (I uninstalled while preserving existing settings). I have had Fiddler installed for quite a while, and have just used the automatic update feature as new versions have become available. There may be some issue with the mechanism for resetting certificates in this case as the fresh install allowed me to resolve the issue with the solution noted above. – cookch10msu Apr 27 '17 at 14:16
  • 1
    Did not work for me. However deleting the hostname from Chromes HSTS list did: http://stackoverflow.com/questions/33268264/ – Marc May 03 '17 at 06:42
  • 1
    Mark as answer ! – Stephane May 13 '17 at 17:41
  • 1
    I had to run the reset 2 times. The 2nd time I noticed more dialogs; specifically the 'Trust the Fiddler Root certificate' dialog didn't pop-up the first time. – spottedmahn Aug 09 '17 at 14:20
  • 3
    Switch to CertEnroll was seemingly not working until I restarted the Fiddler. Then reset the certificates and all works now. THX. – mivra Aug 15 '17 at 21:36
  • Restart Fiddler after changing from *MakeCert* to *CertEnroll* was that secret important piece of puzzle! Thanks @mivra! I have updated the answer. Does anyone have idea why *CertEnroll* is working and *MakeCert* is not? Is only *CertEnroll* trusted by Chrome? Or something else? – David Ferenczy Rogožan Mar 07 '19 at 20:29
  • Does it work on ubuntu? Just CertMaker every time I start Fiddler – Alex Zezekalo Mar 19 '19 at 16:15
  • @AlexZezekalo I don't have an Ubuntu instance handy to check sorry. I had a Windows machine and can only speak for that sorry :( The link posted above might be worth a look though: https://stackoverflow.com/questions/33268264/chromethe-website-uses-hsts-network-errors-this-page-will-probably-work-late – Chris Owens Mar 19 '19 at 21:48
  • 1
    This worked like a charm. Thanks so much. Even worked for v5.0.20204.45441 – crypted Aug 03 '22 at 13:01
5

It's also worth checking whether a certificate generator plugin could be to blame.

In my case, Fiddler was using CertMaker.BCCertMaker. After uninstalling, reinstalling and reverting to CertEnroll engine, SSL works again.

  1. Uninstall Fiddler and all its settings.
  2. Install the latest version.
  3. In Confirm Tools -> Telerik Fiddler Options... -> HTTPS, confirm that CertEnroll engine performs certificate generation.
  4. On the same dialog, press Actions -> Reset All Certificates as in Chris's answer, accepting all prompts.
  5. Restart Fiddler.
Eric Eskildsen
  • 4,269
  • 2
  • 38
  • 55
4

I was having the same issue with chrome / fiddler on ubuntu 20.04 not trusting the root certificate. I used the below steps to install fiddler - its a beta 'fiddler everywhere' which seems like its missing a few things that were there in windows version but it does work. Im not sure if this depends on (sudo apt install mono-complete). I tried the full version which did require mono so I definitely have that on my system but think mono is broken. Thinking that fiddler everywhere is somehow self contained.

I exported the certificate from fiddler options/https as crt (extensions for certs are confusing but I think this really is an x509 ssl certificate). To import to chrome I searched settings for 'manage certificates'. There are a bunch of tabs in that section and you have to select the authorities tab. I literally wasted an hour or more because I didn't see the tabs and was trying to import via the default 'your certificates' tab. Once I imported in the right place I was able to browse https traffic and fiddler everywhere could decrypt it.

George
  • 1,021
  • 15
  • 32
  • 1
    "There are a bunch of tabs in that section and you have to select the authorities tab" was a lifesaver. "I literally wasted an hour or more because I didn't see the tabs and was trying to import via the default 'your certificates' tab" - also happened to me. Thanks for posting this! – obe Aug 13 '20 at 15:38
  • 1
    This is a lifesaver answer. Literally a big thanks to you :) – essayoub Aug 15 '20 at 20:49
1

Adding to the answer by @chris, make sure that you connected your device in my case, my phone, to fiddler after clearing the certificates. Otherwise, it will still have older certificates and will not get new ones.

krv
  • 2,830
  • 7
  • 40
  • 79
0

For "Fiddler Everywhere

  • download fiddler certificate from http://127.0.0.1:8866/ (when fiddler is running)
  • go to chrome settings, type "https" to quickly navigate to "Manage Certificates"
  • go to "Authorities" tab, click "Import" button
exadmin
  • 39
  • 1