MITM certificate uses SHA1 - Now considered deprecated by Chrome

Progress® Telerik® Fiddler™ Classic Feedback Portal

Create an account Log In

Back to Feed

Request a Feature Report a Bug

Under Review

Last Updated: 10 Apr 2017 05:00 by Eric

Ronen

Created on: 09 Apr 2017 17:18

Type: Feature Request

MITM certificate uses SHA1 - Now considered deprecated by Chrome

As of recently, Chrome started to alert about sites that have SHA1 SSL certificates (and if they have HSTS, blocks them completely). Because Fiddler's self-signing certs use SHA1, that makes it problematic to use fiddler with chrome.

1 comment

Eric

Posted on: 10 Apr 2017 05:00

Fiddler, in general, does not use SHA1 in its certificates unless you haven't updated it in many years, or you've set an obscure preference.

On what platform are you having a problem? Which certificate maker are you using (see the blue link in Tools > Fiddler Options > HTTPS).

See http://www.telerik.com/blogs/faq---certificates-in-fiddler for background. Using the "Reset Fiddler certificates" button in the Action button is probably enough to fix you up.