Home Arrow Icon Knowledge base Arrow Icon Global Arrow Icon How do I capture HTTPS traffic on an iPhone using Fiddler


How do I capture HTTPS traffic on an iPhone using Fiddler


To capture HTTPS traffic on an iPhone using Fiddler, follow these steps:

Configure Fiddler

1. Open Fiddler and stop any active traffic capture.

2. Install BouncyCastle: Download and install the BouncyCastle extension (CertMaker.dll) to ensure proper certificate generation compatible with iOS[1][5].

3. Reset Certificates: In Fiddler, go to `Tools > Options > HTTPS`, and use the `Actions` dropdown to select `Reset All Certificates`[5]. Ensure that the certificate generation method is set to BouncyCastle.

4. Enable Remote Connections: In `Tools > Options > Connections`, check the box for `Allow remote computers to connect`[1][5].

5. Start Capturing: Enable capturing in Fiddler.

6. Check IP Address: Hover over the online indicator in the Fiddler toolbar to find the IP address of your machine[5].

Configure iPhone

1. Remove Old Certificates: On your iPhone, go to `Settings > General > VPN & Device Management` and remove any existing DO_NOT_TRUST_FiddlerRoot profiles[1][5].

2. Set Proxy:
- Navigate to `Settings > WiFi`.
- Find your current network and tap the `i` icon.
- Scroll down to `Configure Proxy`, select `Manual`.
- Enter the Fiddler machine's IP address in the `Server` field and `8888` (or your configured port) in the `Port` field. Tap `Save`[1][2][5].

3. Install Fiddler Certificate:
- Open Safari on the iPhone and navigate to `https://ipv4.fiddler:8888` to access the Fiddler Echo Service[1][2][5].
- Download the Fiddler root certificate.
- Go to `Settings > General > Profile Downloaded` to install the certificate[1][2][5].
- For iOS 10.3 and later, enable full trust for the Fiddler root certificate in `Settings > General > About > Certificate Trust Settings`[2][5].

After completing these configurations, you should be able to capture both HTTP and HTTPS traffic from your iPhone using Fiddler[1][2][5]. If you encounter any trust issues with HTTPS sites, ensure that the Fiddler root certificate is correctly installed and trusted on your iPhone.

Remember to remove the proxy settings from your iPhone when done debugging to restore normal internet connectivity[1][2][5].

Citations:
[1] https://docs.telerik.com/fiddler-everywhere/capture-traffic/capture-from-ios
[2] https://www.telerik.com/blogs/how-to-capture-ios-traffic-with-fiddler
[3] https://www.michalspacek.com/inspecting-https-traffic-in-ios-on-windows-with-fiddler
[4] https://stackoverflow.com/questions/71935651/how-does-fiddler-decrypt-https-traffic-it-works-for-my-iphone-but-fails-for-my
[5] https://docs.telerik.com/fiddler/configure-fiddler/tasks/configureforios