Hello everyone,

I am trying to use a certificate that I have in the Windows Certificate Store with Fiddler.

In fact I am running the Fiddler in the server that is using the certificate in IIS.

I load the certificate to avoid fiddler certificate with the following code in Customize rules:

var certName: String = new String("servername")
var oCert: X509Certificate2 = CertMaker.FindCert(certName)
var result = false
MessageBox.Show(oCert)
result = CertMaker.StoreCert("servername", oCert);
MessageBox.Show(result)

 

In 4 line I show the certificate and it is correct.

In line 6 I verify that the certificate is loaded (true).

But if I try to access with the browser, fiddler show it is capturing an decrypting but with fiddler certificate (DO_NOT_TRUST_FiddlerRoot)

Can you help me to use the correct certificate installed in windows store?

I am trying to follow something like:

The CertEnroll Certificate Generator (telerik.com)

I have colleagues using with pfx file:

CertMaker.StoreCert("example.com", "C:\\temp\\cert.pfx", "TopSecretPassword");

but I want to use the other method:

CertMaker.StoreCert("example.com", certMyCert);

 

Any idea?

 

Thanks in advanced.

 

How can I decode a MessagePack of a certain websocket  ?

I tried to convert the hex to base64 then use an online msgpack converter to json but it didn't work.

I'm using Fiddler Everywhere.

(Attached an image)

Thank you !

Hi I can monitor the traffic of other applications with the iphone phone fiddler certificate. But Instagram traffic can't be tracked. How can i view instagram traffic via fidds.

I'm raising this inquiry to ask for the assistance who know familiar with Fiddler product.

About 9 months ago, in the end of year 2023, the issue occurred.
When a user accesses Web application with the latest Google Chrome, the blank screen (or WSOD) happened.
In order to analyze the cause of this issue, I've decided to install Fiddler to see how HTTP traffic was going about.
However, the issue has never occurred when Fiddler was running and I'm wondering why... 

Question#1: Why blank screen in browser never happens while Fidder is running?
Question#2: What's difference when Fiddler is running or not?

Fiddler Version: Progress Telerik Fiddler Classic v5.0.20211.51073

I'd really appreciate it if someone would help to answer this!

Regards,
Yamato

I'm seeking the difference of Operation System (Windows10)  parameters between when Fiddler is running and not.
The behavior of secure network traffics can change somehow, like proxy setting, while Fiddler is running.
If someone knows more about this, please give me an assistant. Thanks!

How to close or hide the snapshots pane? I have no use for it and it's taking screen real estate.

While testing my mobile application using Fiddler as a system proxy, I am encountering an issue. Specifically, some HTTP response headers appear to be altered in terms of case sensitivity when they reach the application, which is causing functional discrepancies.

In the backend response, the headers are correct, as verified in Fiddler. However, when the same response reaches the mobile application, some headers are being received in lowercase, even though they are correctly capitalized in Fiddler.

For example, the header userToken  is received as userToken by the application. This discrepancy is illustrated in the attached screenshots:

• Screenshot 1 shows the correct header "userToken" as displayed in Fiddler.
• Screenshot 2 shows how the header "usertoken" appears in the Xcode logs of my mobile application.

Could you please advise on how to prevent Fiddler from altering the case of the headers or if there is a configuration setting that needs to be adjusted? Your assistance in resolving this issue would be greatly appreciated.

Thank you for your support!

I want to setup proxy for a c++ application for android.

Here is my setup:

adb reverse tcp:8888 tcp:8866

adb shell settings put global http_proxy localhost:8888

And then in my own app, point my c++ libccurl to use localhost:8888 as proxy and give it the fiddler pem.

Now, my problem is that this setup doesn't work on fiddler.

However, the same exact setup works with Mitmproxy. where it points to 8080 on host and using the pem from mitmproxy.

Does anyone have any idea why this might be the case?


Thanks

When I turn on fiddler capture and go to a specific site, an http 503 error occurs.

It seems that fiddler has been blocked on that site.

Is there a way to capture this site?

 

https://smartstore.naver.com/j-flow

https://fpcy.hunan.chinatax.gov.cn:8083/NWebQuery/yzmQuery

This website support decryption under Windows 10 but does not support decryption under Windows 7.

version:v5.0.20244.10953 

This website has enabled TLS1.2 and TLS1.3.

The open-source tool mitmproxy supports decryption under Windows 7.