Friday, July 31, 2009

Problem using Fiddler to monitor SSL

For some reason, when I added my laptop to a new windows domain, Fiddler lost the ability to monitor SSL (HTTPS) requests. The basic symptoms were that when fiddler was running, I couldn't go to any SSL websites. In the fiddler logging screen, it showed a 443 connect but nothing else. Every so often, I would get a popup from MakeCert.exe that showed this error:

"Fail to acquire a security provider from the issuer's certificate"

I tried re-installing Fiddler and this didn't fix it. Finally, I deleted the fiddler root certificate from my certificate store, and the next time I started Fiddler, it worked. I'm assuming that the Fiddler root certificate got corrupted or part of it was missing and the uninstall/reinstall must not fix it. Here is how to remove the fiddler root certificate (windows XP).

1. Go to Start/Run and run "MMC"
2. Go to File..Add/Remove Snap-in
3. Click Add
4. Select Certificates and click Add
5. Selet My User Account and click finish
6. Close the dialogs and you will be in the certificates snap-in
7. Go to Certificates-Current User/Personal/Certificates
8. Right click on DO_NOT_TRUST_FiddlerRoot and delete it.

When you restart Fiddler and hit your first HTTPS site it will re-create the certificate and fiddler should work.

2 comments:

Anonymous said...

Thanks for the post. This helped me.

Anonymous said...

Great post, helped me as well! Thanks!