November 20, 2018

Monitoring DiagTrack HTTPS traffic

DiagTrack on Windows 10 checks for a Microsoft root in the certificate chain before downloading its configuration data. This check can be bypassed with a test hook conveniently left inside the component. Simply create the registry value:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\TestHooks\Volatile\SkipMicrosoftRootCertCheck

and set it to 1.
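As an added example (not code from the original post), the following PowerShell script wraps the registry change above in three functions: one to audit whether the test hook is set, one to enable it on an analysis machine, and one to remove it again so the root check is restored. The registry path and value name are taken from the post; the DWORD type of the value, the need for an elevated session, and the function names are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example: manage the DiagTrack SkipMicrosoftRootCertCheck test hook.
# Path and value name are from the post; DWORD type is an assumption.

$HookPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack\TestHooks\Volatile'
$HookName = 'SkipMicrosoftRootCertCheck'

function Get-DiagTrackRootCheckBypass {
    # Returns $true when the value exists and is set to 1, otherwise $false.
    # Useful as an audit check: on a production host this value should not exist.
    $item = Get-ItemProperty -Path $HookPath -Name $HookName -ErrorAction SilentlyContinue
    return ($null -ne $item -and $item.$HookName -eq 1)
}

function Enable-DiagTrackRootCheckBypass {
    # Creates the intermediate keys if they are missing, then sets the value to 1.
    if (-not (Test-Path -Path $HookPath)) {
        New-Item -Path $HookPath -Force | Out-Null
    }
    New-ItemProperty -Path $HookPath -Name $HookName -PropertyType DWord -Value 1 -Force | Out-Null
}

function Disable-DiagTrackRootCheckBypass {
    # Removes the value; with it absent, DiagTrack enforces the Microsoft root check again.
    Remove-ItemProperty -Path $HookPath -Name $HookName -ErrorAction SilentlyContinue
}

# Usage on an analysis machine:
#   Enable-DiagTrackRootCheckBypass
#   Get-DiagTrackRootCheckBypass      # True while the hook is set
#   ... capture the DiagTrack HTTPS traffic ...
#   Disable-DiagTrackRootCheckBypass
#   Get-DiagTrackRootCheckBypass      # False once restored
```

The audit function is the part worth keeping around: because the same value switches off certificate-chain validation for the component, a quick check that it is absent on ordinary hosts is a cheap way to confirm nobody has left the hook enabled.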