@andreasbotsikas
Last active August 29, 2015 14:24
Generating localhost certificates and modifying fiddler's CA
@ECHO OFF
@rem Check for visual studio tools if not already loaded
if defined VCINSTALLDIR goto GenerateCerts
@rem Ensure that visual studio is available
if not defined VS120COMNTOOLS goto msbuild-not-found
if not exist "%VS120COMNTOOLS%..\..\vc\vcvarsall.bat" goto msbuild-not-found
call "%VS120COMNTOOLS%..\..\vc\vcvarsall.bat"
@rem Check that vs is properly loaded
if not defined VCINSTALLDIR goto msbuild-not-found
:GenerateCerts
@REM Generate a CA. Note the -cy authority for fiddler
makecert -r -pe -n "CN=ca.localhost" -cy authority -a sha256 -len 2048 -e 10/25/2985 -ss my -sr CurrentUser -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
@REM Generate localhost certificate
makecert -pe -n "CN=localhost" -a sha256 -len 2048 -e 01/01/2982 -is my -ir CurrentUser -in "ca.localhost" -ss my -sr CurrentUser -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
@REM Export certificates
powershell -Command "&{get-childitem cert:\currentuser\my -dnsname ca.localhost | export-certificate -filepath ca.cer}"
powershell -Command "&{$mypwd = ConvertTo-SecureString -String "aaaaaa" -Force -AsPlainText; get-childitem cert:\currentuser\my -dnsname localhost | export-pfxcertificate -filepath localhost.pfx -password $mypwd;}"
@REM Import certificates (needs an elevated prompt: both target stores are under LocalMachine)
powershell -Command "&{Import-Certificate -FilePath ca.cer -CertStoreLocation 'Cert:\LocalMachine\Root'}"
@REM The password must match the one used for Export-PfxCertificate above
powershell -Command "&{$mypwd = ConvertTo-SecureString -String "aaaaaa" -Force -AsPlainText; Import-PfxCertificate -FilePath localhost.pfx Cert:\LocalMachine\My -Password $mypwd;}"
@REM Generate fiddler certificate
makecert -pe -n "CN=fiddler.intermediate" -a sha256 -len 2048 -e 01/01/2982 -is my -ir CurrentUser -in "ca.localhost" -ss my -sr CurrentUser -sky signature -eku 1.3.6.1.5.5.7.3.1 -cy authority -sy 1
@REM set fiddler to work with new intermediate to be able to delete custom certs
powershell -Command "&{Set-ItemProperty -Path HKCU:\Software\Microsoft\Fiddler2 -Name MakeCertRootCN -Value "fiddler.intermediate"; Set-ItemProperty -Path HKCU:\Software\Microsoft\Fiddler2 -Name MakeCertSubjectO -Value $([string]::Empty);}"
@REM update fiddler's cert generation command to generate stronger certs for firefox (len 2048)
powershell -Command "&{Set-ItemProperty -Path HKCU:\Software\Microsoft\Fiddler2 -Name MakeCertParamsEE -Value '-pe -ss my -n "CN={0}{1}" -sky exchange -len 2048 -in {2} -is my -eku 1.3.6.1.5.5.7.3.1 -cy end -a {3} -m 132 -b {4} {5}';}"
@REM In order to see and export the newly created certificates
@REM Run mmc.exe
@REM File-> Add or Remove Snap-ins
@REM Select Certificates from the left and then My User account (if above is CurrentUser)
@REM They should be in the Personal->Certificates folder.
pause
exit /B 0
:msbuild-not-found
echo Visual Studio tools were not found! Please check the VS120COMNTOOLS environment variable
exit /B 1
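
A read-only PowerShell audit of what the script leaves behind, added here as an example and not part of the original gist. It assumes the batch file ran unmodified (the three subject names and the store locations are taken from it) and PowerShell 3.0 or later.

```powershell
# Added example (not part of the gist): read-only audit of what the script installed.
# Assumption: the batch file ran unmodified, so the subjects below are the ones to look for.
$subjects = 'CN=ca.localhost', 'CN=localhost', 'CN=fiddler.intermediate'
$stores   = 'Cert:\CurrentUser\My', 'Cert:\LocalMachine\My', 'Cert:\LocalMachine\Root'

# 1. Inventory: where each certificate sits and whether a private key is attached.
$found = foreach ($store in $stores) {
    Get-ChildItem -Path $store |
        Where-Object { $subjects -contains $_.Subject } |
        ForEach-Object {
            [pscustomobject]@{
                Store         = $store
                Subject       = $_.Subject
                Issuer        = $_.Issuer
                Thumbprint    = $_.Thumbprint
                HasPrivateKey = $_.HasPrivateKey
                NotAfter      = $_.NotAfter
            }
        }
}
$found | Format-Table -AutoSize

# 2. Trusted roots whose private key is also on this machine: anything holding that
#    key can issue certificates this machine will accept, so these deserve attention.
$keyed = $found | Where-Object { $_.HasPrivateKey } | ForEach-Object { $_.Thumbprint }
$found | Where-Object { $_.Store -like '*\Root' -and $keyed -contains $_.Thumbprint } |
    ForEach-Object { Write-Warning "Trusted root $($_.Subject) [$($_.Thumbprint)] has its private key in a local store" }

# 3. Chain check: the localhost certificate should build to ca.localhost with no errors.
$leaf = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Subject -eq 'CN=localhost' } | Select-Object -First 1
if ($leaf) {
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    # This private CA publishes no revocation data, so revocation checking is skipped.
    $chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $ok = $chain.Build($leaf)
    "Chain valid: $ok"
    $chain.ChainElements | ForEach-Object { "  " + $_.Certificate.Subject }
    $chain.ChainStatus   | ForEach-Object { "  status: " + $_.StatusInformation.Trim() }
} else {
    Write-Warning 'CN=localhost not found in Cert:\LocalMachine\My'
}
```

The CA key is created with -pe (exportable) and its certificate is trusted machine-wide, so remove CN=ca.localhost from Cert:\LocalMachine\Root once it is no longer needed.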