Android7.0-Fiddler证书问题

一、将Fiddler的证书导出到电脑,点击Tools -> Options -> HTTPS -> Actions -> Export Root Certificate to Desktop

二、下载Window版openssl, 点击这里打开页面,下拉到下面,选择最上面的64位EXE点击下载安装即可

安装完成之后配置环境变量,打开cmd命令行试试openssl命令是否生效

三、证书格式转换与重命名

1、将Fiddler cer证书pem证书,在cmd输入如下命令进行转换:

C:\Users\ASUS>openssl x509 -inform DER -in C:\Users\ASUS\Desktop\FiddlerRoot.cer -out C:\Users\ASUS\Desktop\FiddlerRoot.pem

2、用md5方式显示pem证书的hash值, 在cmd输入如下命令:

C:\Users\ASUS>openssl x509 -inform PEM -subject_hash_old -in C:\Users\ASUS\Desktop\FiddlerRoot.pem


269953fb
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIQS04EKkF4hoBDEqXCT4zxwTANBgkqhkiG9w0BAQsFADBn
MSswKQYDVQQLDCJDcmVhdGVkIGJ5IGh0dHA6Ly93d3cuZmlkZGxlcjIuY29tMRUw
EwYDVQQKDAxET19OT1RfVFJVU1QxITAfBgNVBAMMGERPX05PVF9UUlVTVF9GaWRk
bGVyUm9vdDAeFw0yNDAxMTQxOTEwMDBaFw0yNjA0MTMxOTEwMDBaMGcxKzApBgNV
BAsMIkNyZWF0ZWQgYnkgaHR0cDovL3d3dy5maWRkbGVyMi5jb20xFTATBgNVBAoM
DERPX05PVF9UUlVTVDEhMB8GA1UEAwwYRE9fTk9UX1RSVVNUX0ZpZGRsZXJSb290
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ9XptW8krMuKZ28MGIX
Lbox8+LVRxga3E6A07MrH6X8JoOjUsLn2LIqBpYlY0Aoe7s3O0gXPQk0BVine9IT
BDnN+KgTEXcHdgS/s1fj2OB/B3a9zYyp6U637AKeHCO2y1KlEn5SLSOGKHU6ECBI
8AvllLKkbAkXxijYcalYiRd1j571PTWpN2AJQmQVCleqJxifOdIcWXxuWpddFPVh
19ZT8JmUoPGfsI6XZzbY7ZHwoxcOqHbmx4i49lACXqYJBYDZ8s8MED4ukR/CptcE
VRYnotU9ah3b8zKWKIHRF2frcjVHNVa7RLjP9mu9ommKq1apRMoQGb/mx2pCAM+V
/QIDAQABo1owWDATBgNVHSUEDDAKBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/
AgEAMB0GA1UdDgQWBBTu7Nhkm6lY03t/OGJEfSYXCU6ykDAOBgNVHQ8BAf8EBAMC
AQYwDQYJKoZIhvcNAQELBQADggEBAD7fs5jzS6ERIdbT73vTNhdfloThweqJQloW
8uwAqytz+nAORuDFNZq5qc9G1MHTthBocvxvetFIZ22n2IT6dLRW0UT237HUbEyd
jSB5t9cGxBeEG9wok6v7kaJY8Bv7CXT7V+aitMOiL+BkZjU5tSquhdgBoUjfPmZK
RZ/VD4HHqHN83R16E5Uuz1cKwXWmDnIvV3RyNIiGSNASM7Q24zcRU2R/JOVnqZk/
iLFuyGbD0+7gqO/ane5vuQOmpftrdhcMhAc/UeBFl0O3Y3U5XBLsMkwzkSOb99Fh
GZhKLdegJoRoi+88p8EJw9Zt8uPmZoZxbWe2ZvjE=
-----END CERTIFICATE-----

3、将pem证书重命名,使用上面显示的值269953fb对pem证书进行重命名,以下命令仅适用于window,linux请用mv

C:\Users\ASUS>ren C:\Users\ASUS\Desktop\FiddlerRoot.pem 269953fb.0

《到这里不要关闭这个终端》

四、安装证书到系统目录(/system/etc/security/cacerts)

示例:我也是用的夜神android 7系统的模拟器,打开进去模拟器

进入夜神模拟器的安装目录cmd进去新的命令行后

1.进入到夜神模拟器的终端shell中

D:\Program Files\Nox\bin>adb shell

2.输入su 切换到超级用

d2q:/ # su

  1. cd /system/etc/security 文件目录中,

d2q:/ # cd /system/etc/security

4.然后输入ls -l, 可以看到cacerts目录,我们只有读与执行权限,并没有写入的权限

total 12

drwxr-xr-x 2 root root 4096 2023-10-17 02:42 cacerts

-rw-r--r-- 1 root root 2207 2023-10-17 02:42 mac_permissions.xml

-rw-r--r-- 1 root root 1036 2023-10-17 02:42 otacerts.zip

5.输入chmod 777 cacerts, 让咱们对该目录拥有写入权限,(可以发现,没有改变)

d2q:/system/etc/security # chmod 777 cacerts

chmod: chmod 'cacerts' to 40777: Read-only file system

1|d2q:/system/etc/security # ls -l

total 12

drwxr-xr-x 2 root root 4096 2023-10-17 02:42 cacerts

-rw-r--r-- 1 root root 2207 2023-10-17 02:42 mac_permissions.xml

-rw-r--r-- 1 root root 1036 2023-10-17 02:42 otacerts.zip

重新挂载一下系统,然后再输入chmod 777 cacerts,成功

d2q:/system/etc/security # mount -o remount,rw /system

d2q:/system/etc/security # chmod 777 cacerts

d2q:/system/etc/security # ls -l

total 12
drwxrwxrwx 2 root root 4096 2023-10-17 02:42 cacerts

-rw-r--r-- 1 root root 2207 2023-10-17 02:42 mac_permissions.xml

-rw-r--r-- 1 root root 1036 2023-10-17 02:42 otacerts.zip

d2q:/system/etc/security # exit

6、退出shell终端,然后,将事先转换好的Fiddler证书推送到夜神模拟器的/system/etc/security/cacerts目录下

《在之前那个终端中输入下面内容》

C:\Users\ASUS>adb push C:\Users\ASUS\Desktop\269953fb.0 /system/etc/security/cacerts

C:\Users\ASUS\Desktop\269953fb.0: 1 file pushed, 0 skipped. 0.3 MB/s (1364 bytes in 0.004s)

7、到这里就已经成功的把Fiddler证书安装到系统目录了,咱们点击模拟器的设置 -> 安全-> 信任的凭据 -> 系统,往下拉可以看到咱们的Fiddler证书

不明白的看原文
来自原文:http://www.ppsbbs.tech/thread-890.htm