对于远程客户端,通过Fiddler代理HTTPS通信失败吗? [英] Proxying HTTPS traffic through Fiddler fails for remote clients?
问题描述
在一台计算机上启动提琴手,启用了远程连接和HTTP.尝试在远程计算机上打开IE浏览器时(手动配置代理设置后)并尝试浏览到 https://www.gmail .com ,我得到了通常的警告.尝试继续访问网站"时,出现证书错误:导航失败".
Started fiddler on one machine, enabled remote connections and HTTPs. When trying to open IE browser on a remote machine (after configuring proxy settings manually) and trying to browse to https://www.gmail.com, I am getting the usual warning. When trying to "Continue to Web Site" I am getting a "Certificate error: Navigation failed".
当Fiddler和浏览器在同一台计算机上运行时,一切正常.
Everything works fine when Fiddler and the browser are running on the same machine.
任何帮助将不胜感激.
推荐答案
您必须配置客户端计算机以信任Fiddler Server的证书.
You must configure the client machine to trust the Fiddler Server's certificate.
来自帮助:
问:Fiddler可以解密来自另一台计算机的HTTPS通信吗?
Q: Can Fiddler decrypt HTTPS traffic from a different machine?
A:是的,如果您配置了Fiddler以代理来自第二台计算机或设备的流量,则可以通过以下两个警告来解密该流量:
A: Yes, if you've configured Fiddler to proxy traffic from a second computer or device, you can decrypt that traffic, with two caveats:
-
如果客户端计算机本身以前曾以HTTPS解密模式运行Fiddler,则访问另一台计算机的Fiddler版本保护的HTTPS页面的所有尝试均将失败,并出现未指定的证书错误.要解决此问题,请使用certmgr.msc 删除客户端的受信任根证书存储中的旧Fiddler根证书. (不匹配的根证书会导致此问题,因为每个Fiddler实例都会生成自己的唯一根.)
If the client computer itself previously had run Fiddler in HTTPS-decryption mode, all attempts to visit HTTPS pages secured by the other computer's version of Fiddler will fail with an unspecified certificate error. To resolve this, remove the old Fiddler root certificate that is in the client's Trusted Root certificate store using certmgr.msc. (The mismatched root certificate causes the problem, as every Fiddler instance generates its own unique root).
如果您希望客户端计算机信任Fiddler证书,则必须将Fiddler Root证书复制或下载到客户端计算机,然后手动将其安装到Trusted Root证书颁发机构存储中.您可以使用以下网址访问来下载Fiddler Root证书:
If you want the client computer to trust the Fiddler certificate, you will have to copy or download the Fiddler Root certificate to the client computer and manually install it into the Trusted Root Certification Authorities store. You can download the Fiddler Root certificate by visiting using the URL:
http://hostname.of.FiddlerMachine:8888/FiddlerRoot.cer
这篇关于对于远程客户端,通过Fiddler代理HTTPS通信失败吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
