Best IT Recipes

How to remove a root CA certificate that installs a script?

Fiddler helps add a unique CA root certificate to intercept HTTPS traffic.

Once this certificate has been added, how are you going to delete it?

enter image description here

+88
certificate ssl fiddler
May 30 '13 at 4:23
source share
4 answers

In Fiddler, go to Tools & raquo; Options & raquo; HTTPS .
Then uncheck the Decrypt HTTPS traffic checkbox and run Actions & raquo; Remove Interception Certificates .

This will remove all Fiddler certificates from the Windows certificate store.

screenshot

Thanks / Thanks:

  • Eyal Abir for the original answer in the history of changes
  • Jpsy for this updated answer and screenshot
+59
Dec 13 '16 at 8:33
source share

Any of two ways:

1) Disable HTTPS decryption and click the "Delete interception certificates" button

fiddler options dialog

2) Open CertMgr.msc, open Personal and Trusted Stores and use the Delete key in the root.

+85
May 30 '13 at 12:30
source share

The EricLaw 2nd option simply expands, which is more useful if you have placed this certificate on several devices (quite common during network testing), and you want to remove it only on one (source - http://www.cantoni.org/2013/ 11/06 / capture-android-web-traffic-fiddler ):

  • Go to the "Security" tab in the settings
  • Click Trusted Credentials, then select the User tab
  • Click on the Fiddler Do Not Trust Certificate, then scroll down to remove it.
  • You may need to turn on the power of your device so that all applications can forget about the Fiddler certificate (for example, the Chrome browser will continue to try to use it for a while).
+4
Nov 04 '14 at 5:58
source share

In Fiddler, go to Tools " Options " HTTPS .
Then uncheck the Decrypt HTTPS traffic checkbox and perform Actions " Remove Interception Certificates .

This will remove all Fiddler certificates from the Windows certificate store.

enter image description here

Background:
Fiddler obviously uses a kind of man-in-the-middle approach to decrypt and verify any HTTPS traffic. To do this, he needs his own certificates that can be trusted. Therefore, leaving the Decrypt HTTPS traffic check but deleting Fiddler certificates, as suggested in other answers, does not make much sense, since Fiddler cannot decrypt then anyway.

+2
Mar 28 '19 at 7:58
source share


More articles:


All Articles