问题描述

是否可以更改Fiddler的根证书.对于客户端应用程序使用证书固定并且可以访问其证书受客户端应用程序信任的密钥库的情况，我需要使用它.

Is there a way to change the Fiddler's root certificate. I want it for a scenario when the client app uses certificate pinning and I have access to the keystore, whose certificate is being trusted by the client app.

推荐答案

我认为您是在问我可以更改Fiddler用于特定站点的证书吗" ，而不是 root 证书，该证书适用于所有网站.

I think you're asking "Can I change the certificate Fiddler uses for a particular site" rather than the root certificate, which is used for all sites.

是的，如果确实有证书的私钥，则可以配置Fiddler来使用它.在Fiddler的规则">自定义规则">"OnBoot"函数中，可以调用以下任一方法:

Yes, if you really do have the private key for the certificate, you can configure Fiddler to use it. Inside Fiddler's Rules > Customize Rules > OnBoot function, you can call either:

CertMaker.StoreCert("example.com", certMyCert);

或

CertMaker.StoreCert("example.com", "C:\\temp\\cert.pfx", "TopSecretPassword");

第一个调用要求您的X509Certificate2变量(在这种情况下为certMyCert)引用计算机证书管理器(certmgr.msc)中已安装的证书，因此可以找到其私钥，而第二个允许您可以从磁盘中指定一个PFX文件.

The first call requires that your X509Certificate2 variable (certMyCert in this case) refer to a certificate that is already installed in your computer's Certificate Manager (certmgr.msc), so its private key can be found, while the second allows you to specify a PFX file from disk.

这篇关于更改Fiddler根证书以成功解密HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！