HTTPS requests from iOS and Android devices are not decoded in Fiddler

When working with Fiddler, problems often arise that are solved by restarting the sniffer, or by restarting the computer or the device whose traffic is being sniffed. Sometimes, though, a restart does not solve the problem, and neither does a complete reinstallation of Fiddler. This article does not cover anything new or unknown; it is a tutorial for the situation where you did everything right, but “nothing works”.

To start, it is worth checking (even if you already have) the settings of Fiddler and of the device whose traffic you want to sniff.

Setting up Fiddler on Windows to sniff traffic from iOS and Android devices

  1. Open Fiddler

  2. Go to Tools -> Options

  3. In the Connections tab, check the box Allow remote computers to connect

  4. Restart Fiddler for the changes to take effect

  5. In the HTTPS tab:

    1) check the box for Capture HTTPS CONNECTs

    2) check the box Decrypt HTTPS traffic

    3) in the “Trust the Fiddler Root certificate” window that appears, click Yes

    4) in the Security Warning window, click Yes

    5) in the “Add certificate to the Machine Root List?” window, click Yes

    6) in the “Do you want to allow this app to make changes to your device?” window that appears, choose Yes

    7) check the box Ignore server certificate errors (unsafe)

  6. Leave all other tabs as default and click OK.

  7. Activate Stream and Decode in the top toolbar

Setting up an iOS device to work with Fiddler

  1. Open Settings

  2. Tap Wi-Fi

  3. Tap the i icon for the network that the device is connected to

  4. Scroll down and go to Configure Proxy

  5. Select Manual

  6. Enter the IP address of the computer running Fiddler in the Server field

  7. In the Port field, enter the Fiddler port, then tap Save

  8. Open a browser and enter http://ipv4.fiddler:{Port} in the address bar. For example, if the port is 8888, the link is http://ipv4.fiddler:8888. Alternatively, enter {IP}:{Port} in the address bar, for example 192.168.162.202:8888

  9. Tap on the link “FiddlerRoot certificate” and download the certificate

  10. Go to Settings -> General -> Profile and install the downloaded certificate

  11. Go to Settings -> General -> About -> Certificate Trust Settings and check the box for our certificate

Setting up an Android device to work with Fiddler

  1. Open Settings

  2. Tap Wi-Fi

  3. Tap and hold the Wi-Fi network your device is connected to

  4. Select Modify Network

  5. Select “Show advanced options”

  6. Tap Proxy and select Manual

  7. Enter the IP address of the computer running Fiddler in the Server field

  8. In the Port field, enter the Fiddler port, then tap Save

  9. Open a browser and enter http://ipv4.fiddler:{Port} in the address bar. For example, if the port is 8888, the link is http://ipv4.fiddler:8888. Alternatively, enter {IP}:{Port} in the address bar, for example 192.168.162.202:8888

  10. Tap on the link “FiddlerRoot certificate”; the certificate will be downloaded to the device

  11. Installation should happen automatically; if the certificate is not installed, swipe down and tap the Settings icon

  12. Go to Personal -> Security

  13. Go to Credential Storage and tap “Install from storage”

  14. Tap on the FiddlerRoot.cer file

  15. (Optional) Enter the name of the certificate, for example, FiddlerRoot

  16. You can check this configuration under Trusted credentials -> User; the installed certificate should be displayed there

HTTPS requests remain encrypted

  1. Download the certificate generation plugin “CertMaker for iOS and Android”

  2. In Fiddler, go to Tools -> Options -> HTTPS and, under “Certificates generated by”, select CertMaker

  3. Restart Fiddler

  4. Re-download the certificate on the device from http://ipv4.fiddler:{Port}, because it will be regenerated

  5. Install the certificate on the device

After all of the above, Fiddler will obediently decode the HTTPS requests from the device.
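To confirm from a second computer on the same network that the settings above took effect, the script below (an added example, not part of the original article or of Fiddler) sends the same CONNECT request a proxied device would and checks whether the certificate it gets back chains to the FiddlerRoot.cer file you downloaded. The function names, the result strings and the example.com test host are assumptions made for this example.

```python
import socket
import ssl
import sys

def connect_request(host, port=443):
    """Bytes a proxied client sends to open an HTTPS tunnel."""
    return f"CONNECT {host}:{port} HTTP/1.1\r\nHost: {host}:{port}\r\n\r\n".encode("ascii")

def tunnel_established(reply):
    """True if the proxy's reply to CONNECT has a 200 status line."""
    parts = reply.split(b"\r\n", 1)[0].split()
    return len(parts) >= 2 and parts[0].startswith(b"HTTP/") and parts[1] == b"200"

def check_decryption(proxy_ip, proxy_port, root_cer, host="example.com"):
    """Probe the proxy the way a configured device would and classify the result."""
    try:
        sock = socket.create_connection((proxy_ip, proxy_port), timeout=5)
    except OSError:
        return "proxy-unreachable"  # remote connections not allowed, firewall, wrong IP/port
    with sock:
        try:
            sock.sendall(connect_request(host))
            reply = b""
            while b"\r\n\r\n" not in reply:
                chunk = sock.recv(4096)
                if not chunk:
                    break
                reply += chunk
        except OSError:
            return "tunnel-refused"
        if not tunnel_established(reply):
            return "tunnel-refused"
        # Trust ONLY the given root file: no system CAs are loaded into this context.
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.check_hostname = False  # only the chain to the root is being tested
        with open(root_cer, "rb") as f:
            raw = f.read()
        # The .cer file may be DER (bytes) or PEM (text); cadata accepts both forms.
        ctx.load_verify_locations(
            cadata=raw.decode("ascii") if raw.lstrip().startswith(b"-----BEGIN") else raw)
        try:
            with ctx.wrap_socket(sock, server_hostname=host):
                return "decrypted-by-this-root"
        except ssl.SSLCertVerificationError:
            return "not-signed-by-this-root"  # not decrypting, or the root was regenerated
        except (ssl.SSLError, OSError):
            return "tls-error"

if __name__ == "__main__":
    # usage: python check_fiddler.py <fiddler-ip> <port> <path-to-FiddlerRoot.cer>
    print(check_decryption(sys.argv[1], int(sys.argv[2]), sys.argv[3]))
```

A result of not-signed-by-this-root after switching the certificate generator usually means the root file is the old one, so download it again as in step 4.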
