.net - How to read SubjectAltName of an HTTPS cert in Fiddler script (JScript.NET)? -
i managed come following solution read subjectaltname of https cert in fiddler script (haven't found easier way, there any?):
static function onevalcert(o: object, e: validateservercertificateeventargs) { try { var x2: system.security.cryptography.x509certificates.x509certificate2 = new system.security.cryptography.x509certificates.x509certificate2(e.servercertificate); var extensions : system.security.cryptography.x509certificates.x509extensioncollection = x2.extensions; (var extension in extensions) { if (extension.oid.friendlyname == "subject alternative name") { var asndata : system.security.cryptography.asnencodeddata = new system.security.cryptography.asnencodeddata(extension.oid, extension.rawdata); e.session["ui-comments"] = "san=" + system.text.encoding.utf8.getstring(asndata.rawdata); } } e.session.refreshui(); } catch (ex) { fiddlerapplication.log.logformat("failed evaluate certificate: {0}", ex.message); } } static function onboot() { fiddlerapplication.add_onvalidateservercertificate(onevalcert); }
this works, output contains garbled characters.
for example, when connecting twitter i'd expect:
san=twitter.com www.twitter.com
instead get:
san=0�twitter.com�www.twitter.com
(depending on domain, there different characters separating values seems).
which encoding should use decode raw value?
Comments
Post a Comment