Fiddler2: Decrypt HTTPS traffic and Tunnel to host:443

fiddler

I use Fiddler2 to analyse some pages that use https connections. I enabled HTTPS decryption, but I still see some Tunnel to host:443 entries in my log. I can see decrypted HTTPS traffic in the log, so I assume the decyption works.

I think, that a Tunnel to host:443 entry is created in addition to the decrypted log entry when the connection is opened.

Is my assumption correct or did I miss something?

Best Answer

Yes, this is expected.

If you click on Tunnel to Host:443 you'll see the following on the Statistics tab:

The selected session is a HTTP CONNECT Tunnel. This tunnel enables a client to 
send raw traffic (e.g. HTTPS-encrypted streams or WebSocket messages) through 
a HTTP Proxy Server (like Fiddler).

You can automatically hide these tunnels if you like by clicking Rules > Hide Connects.

Related Solutions

Fiddler – tunnelled http requests to port 443

You should start by reading this thread, which explains what a HTTP CONNECT Tunnel is: https://groups.google.com/forum/#!topic/httpfiddler/RCkzE3HhhxY

Since you have enabled decryption, if you're not seeing any HTTPS traffic in Fiddler, you either have a Filter enabled (click Help > Troubleshoot Filters) or you have not configured Windows to trust the Fiddler root certificate and hence your clients are aborting the connection as soon as they see the (untrusted) Fiddler certificate.

Android – Sniffing Android app’s HTTPS traffic from Fiddler fails with only ‘Tunnel To’ entries in Fiddler

"Apps that target API Level 24 and above no longer trust user or admin-added CAs for secure connections, by default"

If you are targeting API >=24 or running on a >= 24 device, create an xml resource with the following:

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <debug-overrides>
        <trust-anchors>
            <!-- Trust user added CAs while debuggable only -->
            <certificates src="user"/>
        </trust-anchors>
    </debug-overrides>
</network-security-config>

Name it "network_secutrity_config.xml" or something like that and add id as a reference to your manifest with the android:networkSecurityConfig tag.

You can read a bit more here (it helped me):

https://android-developers.googleblog.com/2016/07/changes-to-trusted-certificate.html

Best Answer

Related Solutions

Fiddler – tunnelled http requests to port 443

Android – Sniffing Android app’s HTTPS traffic from Fiddler fails with only ‘Tunnel To’ entries in Fiddler

Related Topic