Intermediate Certificates and Trusted Roots Certs of Current User Store exist after "Remove Interception Certificates" option

Progress® Telerik® Fiddler™ Classic Feedback Portal

Create an account Log In

Back to Feed

Request a Feature Report a Bug

Unplanned

Last Updated: 24 Jun 2020 12:30 by ADMIN

yuweiming

Created on: 24 Jun 2020 11:48

Type: Bug Report

Intermediate Certificates and Trusted Roots Certs of Current User Store exist after "Remove Interception Certificates" option

Removing interception certificates via Fiddler options "Remove Interception Certificates" only removes them from Personal and Trusted Root Certification Authorities of the Local Computer Store.

Certificates located in Current User Store - Trusted Root Certification Authorities and Intermediate Certificates is not removed.

This certificate is not trusted after using "Remove Interception Certificates" and has status "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store".

sigcheck -t[u]v doesn't show any warnings.

Tested this on both Windows 7 and 10.

Tried refreshing certmgr, restarting it, and rebooting machine with no success - certificates are still there.

This should

1 comment

ADMIN

Eric R | Senior Technical Support Engineer

Posted on: 24 Jun 2020 12:30

Hi Yuweiming,

Thanks again for bringing this to our attention and this has been added to the backlog. At this time, there is workaround which I have listed the steps below.

Step 1: Manually delete the certificates from the Current User Store. To do this follow the below steps.

Use Ctrl + R , type mmc and hit enter.
Add the Certificates Add-in to the Console.
Select Current User.
Select the Fiddler Root Certificates in the Trusted Root Certification Authorities and hit delete.
Select the Fiddler Root Certificate in the Intermediate Certificates and hit delete.

Step 2: Use the CertMaker for iOS and Android Add-on for HTTPS decryption.

This uses the BouncyCastle certificate generator which only adds the certificates to the Local Machine Store.

I tested the above locally and can confirm that after deleting the Current User certificates and using the BouncyCastle certificate generator the Current User certificates are not created. Let me know if this doesn't happen in your environment.

Please let me know if you need any additional information. As always, we welcome any feedback that you may have. Thank you and I look forward to your reply.

Regards,

Eric R | Senior Technical Support Engineer
Progress Telerik

Progress is here for your business, like always. Read more about the measures we are taking to ensure business continuity and help fight the COVID-19 pandemic.
Our thoughts here at Progress are with those affected by the outbreak.