New Windows 10 install. System.Security.Cryptography.CryptographicException: Access is denied.
Tried running as admin. No change.
Tried installing the cert manually via export and import however then Chrome gives me NET::ERR_CERT_AUTHORITY_INVALID.
Tried resetting cert and installing again. Same access denied error as before.
Entirely stuck here.
9 Answers, 1 is accepted
The browser error is expected because the Fiddler Root Certificate is not issued by a Public Certificate Authority.
For the Windows Error, I am not sure how the certificate is being installed. Can you provide a list of the steps you are going through to do this? Once I have this information I will be able to provide a better response.
Please let me know if you need any additional information. Thank you and I look forward to your reply.
Regards,
Eric R | Technical Support Engineer
Progress Telerik
Rank 1
Thank you for the steps. This could be from a group policy in Windows 10 if you are on a corporate machine. If this is the case, I recommend using the Bouncy Castle add-on to setup the certificates.
Using the Bouncy Castle add-on is actually the recommended certificate generator approach as outlined in the Understanding Fiddler Certificate Generators post.
Please give this a try and let me know the results. Thank you and I look forward to your reply.
Regards,
Eric R | Technical Support Engineer
Progress Telerik
Rank 1
Thank you for the screenshot. I see that the Windows AppContainer is configured which stores the certificate in the Machine Trusted Root Store. This will usually throw an Access Denied Error. The default location for storing the certificate is in the User's Trusted Root Store. Unless there is a specific technical need, I recommend disabling the Windows AppContainer Configuration and trying the setup again through Tools -> Options -> HTTPS.
Please give this a try and let me know how it goes. Thank you and I await your reply.
Regards,
Eric R | Technical Support Engineer
Progress Telerik
Rank 1
Hi Byron,
My sincerest apologies, I missed typed. I meant to install the certificate in the User's Trusted Root Store instead of the Machine's Trusted Root Store. I have seen issue others were having with this.
One option that can be configured is to set the Clear server certs on exit checkbox inside the Tool > Fiddler > Options > HTTPS > Certificate provider dialog. See the below screenshot for where to find this. This should clear out any certificates and allow for a fresh start.
Please give this a try and let me know the results. Thank you.
Regards,
Eric R | Technical Support Engineer
Progress Telerik
Rank 1
Hi Byron,
If the installation still fails after configuring Fiddler to Clear Certificates on Exit, I recommend trying to manually install the certificate. See the steps below for how to do this.
Step 1 - Disable the Clear Certificates on Exit which was previously set.
Step 2- Use the Actions Button to Export Root Certificate to Desktop as shown in the below screenshot.
Step 3 - Run certmgr.msc, then drag and drop the certificate into the User's Trusted Root Certification Authorities folder as shown in the below screenshot.
Please give this a try and let me know if you need any additional information. Thank you.
Regards,
Eric R | Technical Support Engineer
Progress Telerik
Rank 1
I'm having a similar problem. I checked the Clear on Exit and after exiting Fiddler I checked my certificate manager and they were indeed removed. I then selected Trust Certificate from fiddler and went through the prompts. I verified that chrome was now seeing the updated certificates. However it's still complaining that "This certificate has an invalid digital signature."
I'm not sure how to fix this. Hopefully someone can help.
