Some services not working with android

5 Answers 2238 Views
Mobile
aez
Top achievements
Rank 1
Iron
aez asked on 20 Mar 2022, 12:53 PM

Hello,

I have set up fiddler on my android phone and it works well but some services like netflix, youtube just say that there is no internet connection. While I installed the certificate for wifi and as AC certificate. How can I fix that ?

I attached the infos of the ipv4.fiddler:889.

5 Answers, 1 is accepted

Sort by
0
Nick Iliev
Telerik team
answered on 21 Mar 2022, 01:42 PM

Hello Aez,

 

That is the expected behavior for third-party Android applications. By default, almost all Android applications are not trusting any user-installed certificate (see more here) meaning that the root trust certificate installed by Fiddler will be rejected and can't be used for SSL decryption of the HTTPS traffic generated from the app. Some applications are even going a step further by adding additional layers of security (techniques like cert pinning).

Services like YouTube can be debugged through their web interface. You can open the YouTube request in the mobile browser, and you should be able to capture more of the inbound/outbound traffic (everything that goes through HTTP/HTTPS, that is).

 

Regards,
Nick Iliev
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

0
aez
Top achievements
Rank 1
Iron
answered on 22 Mar 2022, 06:16 PM

Hey,

 

Thanks for the answer but is there a solution to that ?

And if not can we make some requests not pass by our certificate ?

 

Thank you for your answer,

Aez

0
Nick Iliev
Telerik team
answered on 23 Mar 2022, 06:23 AM

Hey Aez,

 

If you are the owner of the application, then you can modify the security configuration (so that it trusts user-installed certificates) and rebuild the app. That won't work for third-party applications in production as almost all live applications are not allowing user-installed certificates. The detailed steps for that solutions are listed in the following documentation section:
https://docs.telerik.com/fiddler-everywhere/traffic/configure-android#inspecting-the-android-application-traffic

However, that won't be possible if you don't access the application codebase. The only option is to install the Fiddler root certificate as a system certificate on a rooted device (non-rooted devices won't allow you to do that). Some possibilities are discussed in this SO thread. Keep in mind that even if you have a rooted device and manage to install Fidder CA as a system certificate, many applications are using additional security checks and still won't allow you to decrypt SSL/TLS traffic.

 

Regarding And if not can we make some requests not pass by our certificate?

Apart from the solutions above (using an app in development or a hacked device), that is not possible as it would defeat the whole idea of HTTPS. If you can skip certificate checks out-of-the-box, that would mean that no information is ever safe when passing through that protocol.

 

Regards,
Nick Iliev
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

0
aez
Top achievements
Rank 1
Iron
answered on 23 Mar 2022, 12:09 PM

Hello,

 

Amazing thank you very much for your answer.

I am trying to debug my android app and I use google ads. The problem is that I am trying to catch the request made by my app after recieving the confirmation by google ads that the ad was seen.  But when I try with telerik on google ads is not loading and the request is not processed.

Do you have any ideas of solution ?

 

Thank you,

Aez

0
Nick Iliev
Telerik team
answered on 25 Mar 2022, 05:42 AM

Hi Aez,

 

The latest version of GoggleAds uses gRPC(Google remote procedure calls) through HTTP2. This protocol is not yet fully supported by Fiddler and as we speak the team is researching the option to implement gRPC support in Fiddler Everywhere. 

The above said, I've tested an Android app (under development) and some of the GoogleAds requests that were still going through HTTPS and were successfully captured. Can you elaborate on your case a bit further - are you not seeing any Google Ads when Fiddler is running as a proxy?

 

Regards,
Nick Iliev
Progress Telerik

Love the Telerik and Kendo UI products and believe more people should try them? Invite a fellow developer to become a Progress customer and each of you can get a $50 Amazon gift voucher.

Tags
Mobile
Asked by
aez
Top achievements
Rank 1
Iron
Answers by
Nick Iliev
Telerik team
aez
Top achievements
Rank 1
Iron
Share this question
or