Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Getting the wrong SSL certificate when trying to access a secure site

Posted on 2014-02-11
10
Medium Priority
?
11,401 Views
Last Modified: 2015-02-05
Trying to access a https site. The site has a valid SSL certificate. Whenever I attempt to access the site via this one specific laptop instead of getting the sites valid certificate I am getting this 'DO_NOT_TRUST_fiddlerroot' certificate for the site. Of course this then causes me problems as the key doesnt match and I am not able to access the site.

Did some research and it appears the certificate is tied to an network monitoring tool called fiddler. However I can not find any mention of fiddler under Start>Programs or Control Panel>Programs and Features.

I tried removing the DO_NOT_TRUST_Fiddlerroot certifcates from Internet Options>Content>certificates and from MMC but when I reboot the machine and relaunch IE they all come back.

Any suggestions on how I can either remove this certificate or somehow force this laptop to use the right certificate for the site I am trying to access.
0
Comment
Question by:dowhatyoudo22
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 5

Expert Comment

by:Leon Kammer
ID: 39850994
Hi,

Open Cert Manager (certmgr.msc), open the Personal and Trusted stores, and delete the fiddler CA key.

Cheers

Leon
0
 

Author Comment

by:dowhatyoudo22
ID: 39851024
Did that. But they keep coming back after I reboot and try to relaunch the site.
0
 
LVL 5

Expert Comment

by:Leon Kammer
ID: 39851069
Hi,

Try in the key store \Users\username\AppData\Roaming\Microsoft\Crypto\Keys\
IE quicklaunch \Users\username\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Telerik folder in Program files / app data.

Cheers

Leon
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 38

Expert Comment

by:Mahesh
ID: 39851121
Just install that certificate on laptops trusted root certification store to avoid errors

Fiddler is basically used to monitor SSL (HTTPS) requests
It might get installed in stealth mode with Google chrome etc

Mahesh
0
 
LVL 5

Expert Comment

by:Leon Kammer
ID: 39851366
I was under the impression that fiddler was actually a proxy server used to intercept ssl / tls traffic for logging and debugging purposes.

maybe this has changed.

Cheers

Leon
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 1200 total points
ID: 39852900
You are correct Leon. Someone has configured the "fiddler" diagnostic proxy on this laptop (or on the network, if they are being naughty, and updated the browse on the laptop to use this proxy)

If this was not done by the poster, then the notation on the certificate is correct - you should *Not* trust this certificate,and should investigate your proxy settings accordingly to see where you are getting proxy service from and why it is trying to read "inside" a https connection.
0
 
LVL 5

Assisted Solution

by:Leon Kammer
Leon Kammer earned 800 total points
ID: 39853918
Hi,

Thanks for the confirmation Dave :)

OK, Check IE's proxy settings, and check your connection to the local network.
Confirm you are not connecting via the fiddler proxy on the local machine, or a third party proxy server like privoxy on the local machine.

There are better and easier alternatives for MITM attacks, so I don't think this is anything nefarious.

Cheers

Leon
0
 

Author Comment

by:dowhatyoudo22
ID: 39854025
Thanks everyone. I stumbled across this yesterday afternoon while working on the laptop. Changing the LAN Settings from Proxy to Automatically detect fixed the issue. I'm still not entirely sure how fiddler got on the machine in the first place and how to get it completly off. But its working now.

Dave, you were spot on with the assessment and Leon your steps are excatly what I did to resolve the issue.

Thanks again!!
0
 
LVL 5

Expert Comment

by:Leon Kammer
ID: 39854180
Glad I could help.
0
 

Expert Comment

by:steelejay
ID: 40592568
I also discovered that Microsoft Forefront Security software was controlling the proxy settings of IE. I would change the settings to Auto Discover and MS Forefront would change it right back.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question