I meant that Fiddler switches the original certificates with certificates that i... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

theatraine on Feb 12, 2015 | parent | context | favorite | on: Decrypting TLS Browser Traffic with Wireshark

I meant that Fiddler switches the original certificates with certificates that it generates. It's not a big deal if you trust them (on Windows Chrome and IE work automatically since it adds them to the trusted root store) and for Firefox you just have to trust the Fiddler issued certificate. However, if you inspect the certificate of an HTTPS site when Fiddler is running you see the CA is "DO_NOT_TRUST_FiddlerRoot".

platz on Feb 13, 2015 [–]

I believe mitmproxy also sniffs HTTPS, but I think it uses a different method by dynamically generating a cert based on the true one http://mitmproxy.org/doc/howmitmproxy.html (bottom)

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact