Hi Eric,
I am trying to capture the traffic of a mobile banking application installed in an Android device using Fiddler
Exactly followed the instructions on http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/ConfigureForAndroid ,
but I do not to see any HTTPS calls after capturing the traffic ; I can only see the HTTP calls captured.
1) Even after installing "Fiddler Root Certificate" on device Trusted Credentials, why HTTPS calls did get captured ?
2) Do I need to speak with Dev. for a work around ? If so , can you please guide me what exactly has to done by Dev. at server/application level ?
Got stuck with these issues for long time.Appreciate your help please.
Regards
Lenin
I am trying to capture the traffic of a mobile banking application installed in an Android device using Fiddler
Exactly followed the instructions on http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/ConfigureForAndroid ,
but I do not to see any HTTPS calls after capturing the traffic ; I can only see the HTTP calls captured.
1) Even after installing "Fiddler Root Certificate" on device Trusted Credentials, why HTTPS calls did get captured ?
2) Do I need to speak with Dev. for a work around ? If so , can you please guide me what exactly has to done by Dev. at server/application level ?
Got stuck with these issues for long time.Appreciate your help please.
Regards
Lenin
If you do see HTTP calls from the app, do any of those requests show "Tunnel to" in the HOST column in Fiddler's Session list?
Which HTTPS calls *don't* you see, specifically? Do you see HTTPS traffic from other apps?
Regards,
Eric Lawrence
Telerik
Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.
Hello,
I am having the same as the OP.
Basically, one of the apps on the Nexus 7 android device is not being properly monitored by Fiddler.
Other apps on the tablet with HTTPS traffic are working fine.
Fiddler is showing "Tunneling to" and no further communication from that app, while the app on the tablet fails to continue working.
Please advise.
You haven't provided enough information to go on; for instance, telling us what application you're talking about might allow us to help you.
Without further information, my guess is that the application is something like DropBox which uses Certificate Pinning, and cannot be intercepted without first jailbreaking the device.
Regards,
Eric Lawrence
Telerik
Hello Eric,
Thanks for the reply. I suspect certificate pinning but I have not looked at it yet.
Meanwhile, to answer you, the application is "Basis Peak" mobile app.
You should be able to check / repro the problem without the hardware. Just try to login (even w/o valid credentials) and the app won't be able to contact the server and authenticate.
Thanks!
Hi, everyone
I have the same problem.
I use a NEXUS 6P and even if my certificat is install I can't see the HTTPS traffic of my application. I can see HTTP traffic and Tunnel, I can contact the server and use the app normally but can't see HTTPS. I can see HTTPS of others applications on the device but not this one.
With an other device I don't have the problem. But I need to check HTTPS traffic in this specific device.
I'm an amateur in Fiddler and certificate so I prefer to ask.
(sorry my english is not ... good ^^")
Thanks
What version of Android is the Nexus 6P using? Also how did you install the root certificate?
Regards,
Alexander
Progress Telerik
Hi Alexander and thanks for your answer
So the version of Android is 8.0.0. And to install the root certificate is process like this :
1- start fiddler
2- open chrome on the device
3- download the certificate with the url : myipadress:8888/fiddlerroot.cer
4- install directly from the cetificate by click on it