I recently tried to change the cert generator of Fiddler on a machine where there must have been some access control policy or something because I couldn't add a root certificate to the trusted root store and Fiddler couldn't create certificates. In Fiddler I saw this:
17:29:23:8243 DefaultCertMaker: GetRootCertificate() did not find the root in the Windows TrustStore.
17:29:23:8273 DefaultCertMaker: GetRootCertificate() did not find the root in the Windows TrustStore.
17:29:23:8293 /Fiddler.CertMaker> Invoking CertEnroll for Subject: CN=DO_NOT_TRUST_FiddlerRoot, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com; Thread's ApartmentState: MTA
17:29:24:0083 !ERROR: Failed to generate Certificate using CertEnroll. System.Reflection.TargetInvocationException Exception has been thrown by the target of an invocation. < CertEnroll::CX509CertificateRequestCertificate::Encode: An internal error occurred. 0x80090020 (-2146893792)
The blame is very likely on my end but Fiddler's behavior I think was troubling because it allowed HTTPS connections to continue without decrypting or intercepting the contents even though 'Decrypt HTTPS traffic' was checked. If the user has specified traffic interception but Fiddler is unable to do it then I think the connection should be stopped before the transfer can start.
Also the error message box kept popping under my windows instead of on top which was annoying. A screenshot of it is attached. I installed the Bouncy Castle alt certmaker (fiddlercertmaker 20170915.exe) and either that or something else I did (?) worked because Fiddler is working now.
v5.0.20181.14850 for .NET 4.6.1
Built: Tuesday, March 20, 2018