Getting FiddlerCore to work with HTTPS traffic

[Bojin Li]

I am using FiddleCore to do timing measurements on HTTP traffic. It works nicely and is simple to use.  I just call FiddlerApplication.Start(0, FiddlerCoreStartupFlags.Default) and subscribe to the FiddlerApplication.AfterSessionComplete event, where I have access to the Session Timer objects for instrumentation purposes.  As mentioned this works fine for HTTP, but I am having trouble getting the code to work for HTTPS.  The FiddlerApplication.AfterSessionComplete  callback is never invoked for HTTPS endpoints.  I found some online resources on  this, mostly having to do with installing Certificates, there doesn't seem to be a clear step by step tutorial on how to get HTTPS to work.

 

My goal is to have FiddlerCore behave the same to the programmer, where I just get a callback via FiddlerApplication.AfterSessionComplete after each session completes, regardless of whether the traffic is HTTP or HTTPS.  I tried to install the fiddler certificates, and after the certificate is installed I am getting no further Fiddler Notifications or Logs.  It appears as if the HTTPS traffic is just silently ignored.

 

Is there a checklist of things I need to do to make HTTPS work with FiddlerCore?

[EricLaw]

First things first-- did you attach event handlers to the FiddlerApplication.LogNotification and FiddlerApplication.Log.OnLogString events, which are used to inform you of problems?

 

The most likely explanation is that you don't have makecert.exe located in the proper location and thus FiddlerCore isn't able to generate needed certificates.

 

If you attach an event handler to OnBeforeRequest what, if any, change do you see?

[Bojin Li]

"First things first-- did you attach event handlers to the FiddlerApplication.LogNotification and FiddlerApplication.Log.OnLogString events, which are used to inform you of problems?"

 

Yes I attached event handlers to both Notification and Log events.

 

"The most likely explanation is that you don't have makecert.exe located in the proper location and thus FiddlerCore isn't able to generate needed certificates."

 

I don't think that's the problem.  I used the sample code from your Fiddler book which generates the certificate and then trusts it, which causes Windows to prompt the user with a modal dialog.  I'm assuming makecert.exe would have been located at the proper location(application working directory) for this to work.

 

"If you attach an event handler to OnBeforeRequest what, if any, change do you see?"

 

After I click yes on the modal dialog to trust the certificate, OnBeforeRequest is still not being invoked for HTTPS.  I am not getting any calls of my callbacks for the notification or log events neither.  It is as if the HTTPS traffic didn't happen as far as FidderCore is concerned. 

 

My understanding is that once I get Windows to trust the certificate generated by Fiddler, FiddlerCore should return a Session object in the OnSessionComplete event for HTTPS traffic, identical to how HTTP result is returned.  Is there anything else I need to do aside from the certificate step?  If not what are some other things I could try to debug the problem?  Currently HTTP works perfectly fine for me, and HTTPS does not work at all.

 

Thanks.

[EricLaw]

1. Does Fiddler capture the traffic without problems?

2. What client are you using?

3. Can you share your code?

[Bojin Li]

Hey Eric, I tried to create a simple sample application to showcase the problem for you, and HTTPS works fine in the sample app.  I'll try to see what I'm doing differently with my actual application that could be causing the problem.

 

Thanks!

[Bojin Li]

Just a quick follow up.  The problem turned out to be user error.  After getting my machine to trust the Fiddler Certificate, HTTPS works fine.  Thanks again Eric.