Login/Register
Proxying HTTPS traffic through Fiddler fails for remote clients?
Asked Answered
proxyfiddlerremote-connections
K

4

8

Started fiddler on one machine, enabled remote connections and HTTPs. When trying to open IE browser on a remote machine (after configuring proxy settings manually) and trying to browse to https://www.gmail.com, I am getting the usual warning. When trying to "Continue to Web Site" I am getting a "Certificate error: Navigation failed".

Everything works fine when Fiddler and the browser are running on the same machine.

Any help would be appreciated.

Kamakura answered 5/4, 2013 at 18:34 Comment(0)
P
15

You must configure the client machine to trust the Fiddler Server's certificate.

From the help:

Q: Can Fiddler decrypt HTTPS traffic from a different machine?

A: Yes, if you've configured Fiddler to proxy traffic from a second computer or device, you can decrypt that traffic, with two caveats:

  1. If the client computer itself previously had run Fiddler in HTTPS-decryption mode, all attempts to visit HTTPS pages secured by the other computer's version of Fiddler will fail with an unspecified certificate error. To resolve this, remove the old Fiddler root certificate that is in the client's Trusted Root certificate store using certmgr.msc. (The mismatched root certificate causes the problem, as every Fiddler instance generates its own unique root).

  2. If you want the client computer to trust the Fiddler certificate, you will have to copy or download the Fiddler Root certificate to the client computer and manually install it into the Trusted Root Certification Authorities store. You can download the Fiddler Root certificate by visiting using the URL:

    http://hostname.of.FiddlerMachine:8888/FiddlerRoot.cer

Parliamentarianism answered 5/4, 2013 at 18:49 Comment(5)
Thanks Eric, it worked with one problem. Clicking on "Continue to Web Site" still resulted with error. Second click did the job. Is there a way to make this work when FiddlerCore is used?Kamakura
You won't see the "Continue to website" message at all if you've properly installed the trusted Root certificate on the client.Parliamentarianism
Fiddler can capture traffic from the iPhone when properly configured. StackOverflow discourages conversations in comments, as they're unmaintainable.Parliamentarianism
@Parliamentarianism I succeeded fiddler config with iPhone but is there any way to do it without certificate installation like ccproxy? I need it because I am trying to bypass iCloud authentication and can't install certificates.Palpebrate
It's not possible to decrypt HTTPS traffic without self-signed certificates or jailbreaking.Parliamentarianism
C
8

If you've been using Fiddler for a long time, especially if you're using it across updates, you might find that Fiddler won't capture traffic no matter what you do, for any browser, even if you click Trust Root Certificate until you're blue in the face.

Trust Root Cert is normally the answer, but not when Fiddler has filled your Cert store with bad certs

I was experiencing the There is a problem connecting securely to this website. message in IE, and Chrome was giving up the ghost with Your connection is not private

The very easy fix, however, is to let Fiddler purge all of its old certs from your machine and start fresh. Do this by clicking Reset All Certificates.

enter image description here

This will delete all of Fiddler's old certs and create one new master interception certificate.

Note: this will not delete any of your other certs, just Fiddler's certs.

This worked for me in two separate instances, with no reboot needed.

Caltanissetta answered 4/4, 2017 at 16:28 Comment(1)
This worked for me, though I did have to restart Fiddler afterwards.Hyps
S
1

I would like to share the issue and resolution which works for me I was using fiddler version--v4.6.3.50306 and suddenly it was NOT caputering Https traffic and it shows error in fiddler Inspector tab as below -:

Error Description -:

"Https handshake to server-xxxx.com is failed. System.Security.Cryptography.CryptographyException.The Specified network password is not correct"

I do below things to solve the issue

Reset all certificates under Tools-->Fiddler Option-->Https-->Action button-->Reset all certificate But it does not work.

Then after 3 frustrating days below things RESOLVED my issue-: :)

  1. Open registry
  2. search all entries with word "fiddler" and "eric" also
  3. Delete all registry files
  4. Restart machine
  5. Install fiddler again with admin prvilege
  6. Restart machine
  7. Now it start capturing Https traffic and also decrypting.

Hope this helps to you.

Thanks, Parth Shah

Sherbrooke answered 26/12, 2016 at 13:54 Comment(1)
Uninstall and Install fiddler again with admin prvilege helped me, no need to remove registry entries :-)Patina
L
0

I had a similiar issue using Fiddler Classic, with the following error message in the log:

fiddler.network.https> HTTPS handshake to <server> (for #<number>) failed. System.Security.Cryptography.CryptographicException The specified network password is not correct.

Resetting/removing the certificates didn't work, however removing the following certificate file resolved the issue:

%USERPROFILE%\Documents\Fiddler2\ClientCertificate.cer

Laquitalar answered 21/6, 2023 at 6:55 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.