我正在使用Fiddler來監視我們私人項目的HTTPS流量。升級到Windows 10並安裝Fiddler後,我無法創建根證書。我試圖同時使用CertEnroll和MakeCert兩者返回他們不能創建一個根證書:改變我重置所有證書和/或刪除攔截證書服務時Fiddler 4 Windows上的證書錯誤
09:53:54:2275 Fiddler.CertMaker> [C:\Program Files (x86)\Fiddler2\MakeCert.exe -r -ss my -n "CN=DO_NOT_TRUST_FiddlerRoot, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com " -sky signature -eku 1.3.6.1.5.5.7.3.1 -h 1 -cy authority -a sha256 -m 132 -b 01/07/2015 ] Returned Error: Creation of the interception certificate failed.
makecert.exe returned -1.
Results from C:\Program Files (x86)\Fiddler2\MakeCert.exe -r -ss my -n "CN=DO_NOT_TRUST_FiddlerRoot, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com " -sky signature -eku 1.3.6.1.5.5.7.3.1 -h 1 -cy authority -a sha256 -m 132 -b 01/07/2015
Error: Can't create the key of the subject ('JoeSoft') Failed
和
09:43:37:0332 /Fiddler.CertMaker> Invoking CertEnroll for Subject: CN=DO_NOT_TRUST_FiddlerRoot, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com ; Thread's ApartmentState: MTA 09:43:39:0853 !ERROR: Failed to generate Certificate using CertEnroll. System.Reflection.TargetInvocationException Exception has been thrown by the target of an invocation. < CertEnroll::CX509PrivateKey::Create: The requested operation cannot be completed. The computer must be trusted for delegation and the current user account must be configured to allow delegation. 0x80090345 (-2146892987 SEC_E_DELEGATION_REQUIRED)
每次。 AppData/Roaming/Microsoft/Crypt/RSA/{LONG_ID}
中的密鑰也無處找到(該文件夾始終爲空)。 在瀏覽論壇後,我按照一些說明下載了Bouncy Castle Certificate Maker(爲Android推薦的那個),並且創建了2個根證書並將它們添加到Windows,以便它們將被信任。這樣做後,我的所有HTTPS流量看起來都像帶隧道的HTTP。當尋找到這個問題,我發現,在文本視圖它說
"This is a CONNECT tunnel, through which encrypted HTTPS traffic flows. Fiddler's HTTPS Decryption feature is enabled, but this specific tunnel was configured not to be decrypted. Settings can be found inside Tools > Fiddler Options > HTTPS."
和記錄器返回的幾個如下:
"10:02:38:5419 !Certificate cache didn't find certificate for [server.com]. Returning null to thread #30. ___ 10:02:38:5419 fiddler.https> Failed to obtain certificate for server.com due to Certificate Maker returned null when asked for a certificate for server.com"
"Failed to create certificate for server.com: The requested operation cannot be completed. The computer must be trusted for delegation and the current user account must be configured to allow delegation."
在隧道連接的屬性,我發現
"X-HTTPS-DECRYPTION-ERROR: Could not find or generate interception certificate."
您有任何解決方案嗎?我真的很感激它。謝謝! :)
謝謝你的答案,但沒有。我每隔幾分鐘就嘗試一次。如上所述,溶劑是一個窗戶問題。 –