I'm trying to set up Fiddler as a transparent MITM proxy for HTTPS traffic. It works fine for HTTP traffic, but I am having trouble figuring out the configuration for HTTPS.
I have Fiddler running on a Windows host, listening on port 8888.
On my Linux host, I have added the following rule:
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to 192.168.5.212:8888
This works great for regular HTTP traffic. I see any request on the Linux host get transparently redirected to Fiddler.
However, for HTTPS traffic, this does not work as Fiddler's 8888 port is not HTTPS and consequently the following fails to connect/handshake:
iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to 192.168.5.212:8888
I dug around and found that I can enable an additional listener using QuickExec by doing the following in the QuickExec window:
iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to 192.168.5.212:8888
curl https://www.google.com
I have installed the FiddlerRoot CA certificate and this gets me one step closer, but my curl/wget from my host fails in that it receives a certificate to CN=localhost and not the actual host I'm trying to reach.
How can I set up Fiddler for it to auto-sign the certificates from port 8889 with proper MITM certificates?
Thanks,
Eric