I have a console app that communicates with a number of 3rd party services via http. The original version of the app is developed for the .net Framework and Fiddler is able to successfully all of the https calls that the app makes.
I have ported the app to .Net Core 2.1. Fiddler is not capturing the HTTPS calls made by the .Net Core version of the app.
Any ideas as to why Fiddler is not working with the .Net Core app?
2 Answers, 1 is accepted
It is possible that .NET Core is using WinHTTP instead of WinINET, for which Fiddler is configured as proxy. You can find how to set the WinHTTP proxy manually in this answer. Does this fix the problem?
Regards,
Alexander
Progress Telerik
Rank 1
I had similar experience with console app on .Net Core 2.0 but then I switched target framework to Core 2.1 and things magically started to work.
I was using this example (Client Credentials flow) to trace OpenID protocol communications: https://github.com/IdentityServer/IdentityServer4.Samples/tree/release/Quickstarts/1_ClientCredentials
Based on this blog post your experience makes perfect sense. It seems that from .NET Core 2.1 HttpClient does not use WinHTTP anymore and have brand new implementation (simplified explanation, for full detail check the blog post).
Regards,
Alexander
Progress Telerik
Rank 1
Hi Alexander,
I am using fiddler version v5.0.20182.28034 for .NET 4.5 but it is unable to capture Https services for Microsoft Visual Studio Enterprise 2017. I am using Asp dot net Core and have tried all the above mentioned solutions. Can you please help me with this.Also I have done the certificate setting properly and am getting -(14:43:26:1910 !SecureClientPipeDirect failed: System.IO.IOException Authentication failed because the remote party has closed the transport stream. for pipe (CN=*.msedge.net, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com)) in the logs.
Firstly, I would like to state that the internals of the HTTPS services for Microsoft Visual Studio Enterprise 2017 are out of my scope. With this said, I believe that it is possible that it could use certificate and public key pinning. If this is true, there is no way for Fiddler to perform a man-in-the-middle attack, to decrypt the traffic, unless you have the certificate with the private key of the service.
Regards,
Simeon
Progress Telerik
Hi,
We are trying to convert Delphi code to C# .Net Core (using .NET CORE SDK 3.1.101 (x86)) and we want to use Fiddler to capture http requests. Using Fiddler with Delphi code is working, but with C#, not. Fiddler is not capturing the HTTP / HTTPS calls made by the .Net Core version of the app. Can you please help me with some ideas?
Thanks,
Alexandra
Hi Alexandra,
As suggested in this forum thread there might be different reasons to not be able to capture traffic from your Net Core application. Try some of the solutions suggested in the linked thread and also check if there are some environment specifics that are related to how the Net Core app is handling the HTTP/HTTPS calls.
Regards,
Nick Iliev
Progress Telerik
Our thoughts here at Progress are with those affected by the outbreak.