Hi,
I have a problem capturing https traffic of my iPad remotly through a proxy on my PC.

I have fiddler installed on a Windows 7 machine. I have also installed the cert maker and generated a new
certificate which I have installed on the ipad.

When I open http websites i can see all the traffic. But when I try
to open https websites or apps using https the iPad cannot open the site
or use the app because of network issues. What is wrong? I followed
this instruction on multiple ios devices and recording pcs, but no https
traffic :(
http://docs.telerik.com/fiddler/configure-fiddler/tasks/ConfigureForiOS

Hi,

I am new to Fiddler, I am trying to capture traffic using Fiddler to do performance testing, to export sessions to Visual Studio Webtest. I could not get the Header information from Fiddler, I tried to solve it by trust Fiddler certificate but I could not, the solution I used are:

http://www.telerik.com/forums/some-https-sites-are-unaccessible-when-using-fiddler

http://www.telerik.com/forums/unable-to-decrypt-https-traffic

Also I get the session on Fiddler as the following with grey color which I could not get the headers information:

# Result Protocol Host URL Body Caching Content-Type Process Comments Custom
7 200 HTTP Tunnel to pluralsight.hb.omtrdc.net:443 0 chrome:1908
9 200 HTTP Tunnel to pluralsight.hb.omtrdc.net:443 0 chrome:1908
10 200 HTTP Tunnel to pluralsight.hb.omtrdc.net:443 0 chrome:1908
11 200 HTTP Tunnel to pluralsight.hb.omtrdc.net:443 0 chrome:1908
12 200 HTTP Tunnel to pluralsight.hb.omtrdc.net:443 0 chrome:1908

even I could not post his thread with Fiddler on.

Thanks,

Iris

On many occasions, I've found Fiddler stops working on SSL connections for no apparent reason. Chrome gives errors like 'untrusted cert authority'. It seems to happen after Windows or browser updates and I've tried every approach I could find to fix it.

I think I've finally found a reliable fix:

1. Open Windows Certificate Manager and manually delete all Fiddler certs from all folders

2. Open Fiddler HTTPS options tab, uncheck 'Capture HTTPS connects'

3. Click 'Remove Interception Certificates' in the Actions menu.

4. Restart Fiddler

5.Recheck 'Capture HTTPS connects' in Fiddler options, and reinstall the certs.

Removing all Fiddler certs in Windows Cert Manager first seems to be the key step.

Hi,

My fiddler decided to update but when I tried to start if post the update I get Could not find file 'Fiddler.resources'. If I continue It opens but nothing in the composer section. If I quit, it messes up my internet connection by setting local proxy and shutting down before resetting it.

Any ideas? Have also tried to update to the Beta version but same issue.

Uninstall and Reinstall?

I am trying to figure out why I am getting gibberish in the post body of the following post request. The following request is from an IOS app. I get similar results from the Android app too.

I do not get any security errors on the app (on iOS or ANdroid version) and everything works while I am capturing traffic. Can the post body be encrypted? or is it most likely compressed? There is an unusual header "x-Accepts: compression" Is there anyway to convert the gibberish to something readable? The responses also look similar to the request post body

POST https://api.site.com/ HTTP/1.1
Host: api.site.com
x-auth-token: TOKEN
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
X-Accepts: compression
Accept: application/json
User-Agent: APP
Accept-Language: en-US;q=1, es-MX;q=0.9
Accept-Encoding: gzip, deflate
Content-Length: 89

# ώ   F  u 2  + ώ# ώ#5 d ;o
)Ǒ  , z  h R   L   F 

My fiddler2 just force updated this morning and since then I am unable to decode incoming responses. I've searched for answers and have gotten nothing yet. Some common problems seem to be due to root certificate issues to which I have already reset. I also tried uninstalling and reinstalling. Clicking on the "Response body is encoded. Click to decode." button seems to refresh the response but it turns up the same, still encoded. Anyone here who's experienced something similar?

Attached is a GIF of me clicked "Decode" and exactly what happens afterward.

Hi,

I'm using Fiddler to decrypt HTTPS traffic on a Windows Server 2012 R2 machine and the options are set and works as expected. This is a shared environment and have multiple users with roaming profiles working on it. I see that the settings get disabled each time the user logs off the system. Can you please confirm where exactly these settings are saved so that we can ensure that these settings are persistent(User Profile or Registry?). Fiddler Trust Certificate also needs to be installed each time. Is there a way, to ensure both these settings are persistent?

Thanks Eyme

Hi, we have a local webserver in our network that we can't reach with Fiddler connected and using dns names.

When I try to use Fiddler in Edge I only get error "Can’t connect to the proxy server", and nothing is visible in fiddler about the request. I have played around with the proxy settings with no effect.

When Trying around it looks like it is all the url's that we are getting from our local dns server isn't working, if we use the IP Adress it is working perfectly so it feels like it is something with a Intranet zone handling, any ideas?

We have a XenApp server that is unable to connect to duosecurity.com on port 443 over HTTP. I feel sure the problem has to do with a missing root or intermediate certificate on the server, and I'm using Fiddler to help troubleshoot. With Fiddler I've found that if I enable "Decrypt HTTPS traffic", IE11 connects to the site fine as expected. If I disable that feature, the IE11 will not make the connection and fails with "Certificate was blocked because it was not signed by a valid security certificate".

I'm attempting to compare the raw session information from a failed connection with that of a successful connection, but still having trouble getting to the source of the problem. Any help is greatly appreciated.

FAILURE:

=======

HTTP/1.0 200 Connection Established
FiddlerGateway: Direct
StartTime: 18:20:01.546
Connection: close
EndTime: 18:20:01.671
ClientToServerBytes: 344
ServerToClientBytes: 3489

This is a CONNECT tunnel, through which encrypted HTTPS traffic flows.
To view the encrypted sessions inside this tunnel, enable the Tools > Fiddler Options > HTTPS > Decrypt HTTPS traffic option.

A SSLv3-compatible ServerHello handshake was found. Fiddler extracted the parameters below.

Major Version:    3
Minor Version:    3
SessionID:    empty
Random:        A2 8C DF ED A9 F0 05 B0 74 EF EE AF 01 77 DA BA E2 7C 17 47 94 90 EF 85 9D 82 58 17 33 F4 41 54
Cipher:        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 [0xC027]
CompressionSuite:    NO_COMPRESSION [0x00]
Extensions:
        server_name    empty
        renegotiation_info    00
        ec_point_formats    03 00 01 02

SUCCESS:

========

HTTP/1.0 200 Connection Established
FiddlerGateway: Direct
StartTime: 11:27:37.650
Connection: close

Encrypted HTTPS traffic flows through this CONNECT tunnel. HTTPS Decryption is enabled in Fiddler, so decrypted sessions running in this tunnel will be shown in the Web Sessions list.

Secure Protocol: Tls
Cipher: Aes128 128bits
Hash Algorithm: Sha1 160bits
Key Exchange: 44550 256bits

== Server Certificate ==========
[Subject]
  CN=*.duosecurity.com, O="Duo Security, Inc.", L=Ann Arbor, S=Michigan, C=US

[Issuer]
  CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US

[Serial Number]
  03CBE781655532FAE641E04B268E6A52

[Not Before]
  10/22/2013 7:00:01 AM

[Not After]
  1/4/2017 6:00:00 AM

[Thumbprint]
  7D15717C4EBC7367A2E6D5A11CBEC85DAF33A9BB

Hello,

I'm trying to edit a response body that is encoded in deflated SAML.

Fiddler's TextWizard allows me to convert the body to readable content, but so far I am unable to properly code it in FiddlerScript (to adjust automatically, and for several edits at a time).

I'm sure I am missing a couple steps, and am hoping someone can help me fill in the blanks.

Here is a sample of what I have so far: