I installed Fiddler to view the communication between the server and the client, but after launching it, sites served over HTTPS show the following: [screenshot]

I use Firefox.


    In terms of information security, Fiddler is a "man in the middle". In other words, an intercepting intruder.

    The fact is that any proxy server intercepts traffic after it has left the browser. But HTTPS was designed to protect against this.

    This protection is provided by the combination of a key pair and a certificate:

    1. A key pair is two keys, one of which encrypts traffic while the other decrypts it. The first is known only to the server; the second is given to everyone. The most interesting thing is that, knowing the public key, it is impossible either to encrypt traffic or to obtain the private, encrypting key.

      By using the secret key, the server confirms its authorship of the traffic and its integrity. If someone re-encrypts the traffic with their own key, the client gets unreadable garbage after decryption.

    2. A certificate is a special document containing a public key and an indication of which traffic from which domains should be decrypted by it. The certificate may also contain information about the owner of the domain.

      Thanks to certificates, no one can pose as someone else's server, since that requires the private key whose public part is contained in the certificate. Moreover, the certificate itself is also encrypted with a key pair, this time that of the reputable organization that issued the certificate.

    Since Fiddler doesn't have the private key, it couldn't present itself as the server even if it wanted to. That is why the browser (Firefox in this case) raises the alarm about interference in the communication channel.

    There is only one way out: find and install an add-on directly in the browser. Only an add-on can work with the traffic after it has been decrypted, when all security measures have already done their work.

    And no, you cannot add an exception. How can a computer know that the proxy was started by you and only for debugging purposes? What if it is a rootkit or a Trojan horse, replacing the contents of the page with its own fraudulent or malicious content?
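
The checks this answer describes, as a simplified model added here (not code from the original post, and not real TLS or X.509): the client accepts a peer only if its certificate is signed by an issuer in the trust store and the peer proves possession of the matching private key. Toy textbook RSA built from Mersenne primes stands in for the key pairs, and the names `Trusted CA`, `Proxy Root` and `example.test` are constructed.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def keypair(p, q):
    """Toy textbook RSA (no padding, NOT secure): returns (public n, private d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def _h(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(_h(data, n), d, n)
def verify(data, sig, n):
    return pow(sig, E, n) == _h(data, n)

def issue_cert(domain, subject_n, issuer, issuer_n, issuer_d):
    """Certificate = domain + subject public key, signed with the issuer's private key."""
    body = f"{domain}|{subject_n}|{issuer}".encode()
    return {"domain": domain, "n": subject_n, "issuer": issuer,
            "sig": sign(body, issuer_n, issuer_d)}

def client_check(host, cert, nonce, proof, trust_store):
    """Browser-side checks; returns 'ok' or the first reason for the warning."""
    issuer_n = trust_store.get(cert["issuer"])
    if issuer_n is None:
        return "unknown issuer"
    body = f"{cert['domain']}|{cert['n']}|{cert['issuer']}".encode()
    if not verify(body, cert["sig"], issuer_n):
        return "bad certificate signature"
    if cert["domain"] != host:
        return "domain mismatch"
    if not verify(nonce, proof, cert["n"]):
        return "no proof of private key"
    return "ok"

def scenarios():  # constructed keys and names, for illustration only
    ca_n, ca_d = keypair(2**521 - 1, 2**607 - 1)
    srv_n, srv_d = keypair(2**89 - 1, 2**127 - 1)
    px_n, px_d = keypair(2**61 - 1, 2**107 - 1)
    trust, host, nonce = {"Trusted CA": ca_n}, "example.test", b"client-nonce-1"
    real = issue_cert(host, srv_n, "Trusted CA", ca_n, ca_d)
    self_signed = issue_cert(host, px_n, "Proxy Root", px_n, px_d)
    forged = issue_cert(host, px_n, "Trusted CA", px_n, px_d)
    return {
        "genuine server": client_check(host, real, nonce, sign(nonce, srv_n, srv_d), trust),
        "proxy, own root": client_check(host, self_signed, nonce, sign(nonce, px_n, px_d), trust),
        "proxy, forged issuer": client_check(host, forged, nonce, sign(nonce, px_n, px_d), trust),
        "proxy, replayed cert": client_check(host, real, nonce, sign(nonce, px_n, px_d), trust),
    }
```

Calling `scenarios()` returns one verdict per peer: only the genuine server passes, and each proxy variant fails at a different check.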