Fiddler - tunnelled http requests to port 443

fiddler

Eranga Dissanayaka · Apr 23, 2013 · Viewed 73.3k times · Source

I've got Fiddler to decrypt https traffic. which works just fine.

http://fiddler2.com/documentation/Configure-Fiddler/Tasks/DecryptHTTPS

But there are some requests that are shown as "Tunnel to" port 443. Also the protocol of these requests are shown as HTTP instead of HTTPS. I do not see the decrypted content of these requests.

enter image description here

on the response details pane, it's shown as below:

enter image description here

Can someone let me know how I can get fiddler to decrypt these tunnelled requests too. Also appreciate if you could provide me some details about what's going on in this case.

Cheers.

Answer

You should start by reading this thread, which explains what a HTTP CONNECT Tunnel is: https://groups.google.com/forum/#!topic/httpfiddler/RCkzE3HhhxY

Since you have enabled decryption, if you're not seeing any HTTPS traffic in Fiddler, you either have a Filter enabled (click Help > Troubleshoot Filters) or you have not configured Windows to trust the Fiddler root certificate and hence your clients are aborting the connection as soon as they see the (untrusted) Fiddler certificate.

Fiddler - tunnelled http requests to port 443

Answer

Related questions