Fiddler - Capture HTTPS Traffic from Web Application

Question

I've been banging my head against a wall for a little while now trying to get Fiddler to decrypt communications for one of the web apps I support.

Versions

Fiddler: 4.6.2.3

OS: Windows 2012 R2

.NET: 4.6

Settings

Decrypt HTTPS Traffic: Enabled (...from all processes)

Fiddler Root Certificate: Installed (A few times now...)

Protocols: <client>;ssl3;tls1.0;tls1.1;tls1.2

In the web.config I've added:

<system.net>
  <defaultProxy enabled="true">
  <proxy proxyaddress="http://127.0.0.1:8888" bypassonlocal="False"/>
  </defaultProxy>
</system.net>

The error I'm getting in the Fiddler Log is:

The client and server cannot communicate, because they do not possess a common algorithm for pipe

I scanned the first endpoint that threw the error, however keep in mind that fiddler cannot establish a handshake with any https endpoint:

TLS 1      offered
TLS 1.1    offered
TLS 1.2    offered

I tried adding this to the FiddlerScript after some research:

if (oSession.HTTPMethodIs("CONNECT") && oSession.HostnameIs("dev-wsv-OMITTED.OMITTED.ad"))
    { 
        oSession["x-OverrideSslProtocols"] = "tls1.0";
    }

No success. I'm at a loss. Why can the server establish a handshake and Fiddler cannot? All the non encrypted traffic is captured without issue, but I just can't seem to get HTTPS decryption to play nice.

Any insight or help would be greatly appreciated at this point.

Thanks!

Answer 1

I had a similar problem before. It seems that you have not created a keystore with the Fiddler Root Certificate.

Step 1: Export the certificate

Step 2: Create a keystore with this certificate

keytool.exe -import -file C:\Users\<username>\Desktop\FiddlerRoot.cer -keystore FiddlerKeystore -alias Fiddler

Step 3: Add the following VM options

That should be it.

You can refer to this msdn blog for more details.