fiddlerjscript.net

Defining a "ClientCertificateProvider" in FiddlerScript


I want to write a "ClientCertificateProvider" for Fiddler Classic using FiddlerScript.

Converting the FiddlerClientCertPicker C# Extension from @EricLaw to JScript.NET kind of worked, but connecting my code to FiddlerApplication.ClientCertificateProvider does not.

As far as I understand there is a "LocalCertificateSelectionCallback"-Delegate needed.

After struggling with the JScript.NET Syntax for quite a while ;-) here is what I am trying:

import System;
import Fiddler;
import System.Net.Security;
import System.Security.Cryptography;  
import System.Security.Cryptography.X509Certificates;


class Handlers
{
    // *****************
    //
    // This is the Handlers class. Pretty much everything you ever add to FiddlerScript
    // belongs right inside here, or inside one of the already-existing functions below.
    //
    // *****************

[...]          

    
    static function ProvideClientCertificate(oSession: Session, targetHost: String, 
                           localCertificates: X509CertificateCollection, 
                           remoteCertificate: X509Certificate, 
                           acceptableIssuers: String[]): X509Certificate {
        FiddlerObject.log("Client Certificate needed for " + targetHost);
        return (null);
    }

[...]
    static function Main() {
        var today: Date = new Date();
        FiddlerObject.StatusText = " CustomRules.js was loaded at: " + today;

        FiddlerApplication.Prefs.SetBoolPref("fiddler.network.https.clientcertificate.ephemeral.prompt-for-missing", false);

        var certProvider = Delegate.CreateDelegate(LocalCertificateSelectionCallback, typeof(Handlers), "ProvideClientCertificate", false, false); 
        FiddlerApplication.ClientCertificateProvider = LocalCertificateSelectionCallback(certProvider);

This is syntactically correct but the log entry is not shown.

The second argument for CreateDelegate should be "The Type representing the class that implements method." as the CreateDelegate documentation mentions.

The only entry while testing in Fiddler's "Log"-Tab is the expected:

The server [www.testservername.com] requested a client certificate, but no client certificate was available.

Solution

  • The problem in my code is, that the signature of the ProvideClientCertificate() function is not correct. Instead of "oSession : Session" the first argument has to be "sender: Object"

    The correct syntax is:

        static function ProvideClientCertificate(sender: Object, targetHost: String, 
                               localCertificates: X509CertificateCollection, 
                               remoteCertificate: X509Certificate, 
                               acceptableIssuers: String[]): X509Certificate {
            FiddlerObject.log("Client Certificate needed for " + targetHost);
            return (null);
        } 
    

    And there is no special "LocalCertificateSelectionCallback"-Delegate definition needed. The connection is simply made by:

        FiddlerApplication.ClientCertificateProvider = ProvideClientCertificate;
    

    Now I see the expected result in Fiddler's "Log"-Tab:

    Client Certificate needed for https://www.testservername.com