dowhatyoudo22
asked on
Getting the wrong SSL certificate when trying to access a secure site
Trying to access a https site. The site has a valid SSL certificate. Whenever I attempt to access the site via this one specific laptop instead of getting the sites valid certificate I am getting this 'DO_NOT_TRUST_fiddlerroot' certificate for the site. Of course this then causes me problems as the key doesnt match and I am not able to access the site.
Did some research and it appears the certificate is tied to an network monitoring tool called fiddler. However I can not find any mention of fiddler under Start>Programs or Control Panel>Programs and Features.
I tried removing the DO_NOT_TRUST_Fiddlerroot certifcates from Internet Options>Content>certificat es and from MMC but when I reboot the machine and relaunch IE they all come back.
Any suggestions on how I can either remove this certificate or somehow force this laptop to use the right certificate for the site I am trying to access.
Did some research and it appears the certificate is tied to an network monitoring tool called fiddler. However I can not find any mention of fiddler under Start>Programs or Control Panel>Programs and Features.
I tried removing the DO_NOT_TRUST_Fiddlerroot certifcates from Internet Options>Content>certificat
Any suggestions on how I can either remove this certificate or somehow force this laptop to use the right certificate for the site I am trying to access.
ASKER
Did that. But they keep coming back after I reboot and try to relaunch the site.
Hi,
Try in the key store \Users\username\AppData\Ro aming\Micr osoft\Cryp to\Keys\
IE quicklaunch \Users\username\AppData\Ro aming\Micr osoft\Inte rnet Explorer\Quick Launch\
Telerik folder in Program files / app data.
Cheers
Leon
Try in the key store \Users\username\AppData\Ro
IE quicklaunch \Users\username\AppData\Ro
Telerik folder in Program files / app data.
Cheers
Leon
Just install that certificate on laptops trusted root certification store to avoid errors
Fiddler is basically used to monitor SSL (HTTPS) requests
It might get installed in stealth mode with Google chrome etc
Mahesh
Fiddler is basically used to monitor SSL (HTTPS) requests
It might get installed in stealth mode with Google chrome etc
Mahesh
I was under the impression that fiddler was actually a proxy server used to intercept ssl / tls traffic for logging and debugging purposes.
maybe this has changed.
Cheers
Leon
maybe this has changed.
Cheers
Leon
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everyone. I stumbled across this yesterday afternoon while working on the laptop. Changing the LAN Settings from Proxy to Automatically detect fixed the issue. I'm still not entirely sure how fiddler got on the machine in the first place and how to get it completly off. But its working now.
Dave, you were spot on with the assessment and Leon your steps are excatly what I did to resolve the issue.
Thanks again!!
Dave, you were spot on with the assessment and Leon your steps are excatly what I did to resolve the issue.
Thanks again!!
Glad I could help.
I also discovered that Microsoft Forefront Security software was controlling the proxy settings of IE. I would change the settings to Auto Discover and MS Forefront would change it right back.
Open Cert Manager (certmgr.msc), open the Personal and Trusted stores, and delete the fiddler CA key.
Cheers
Leon