how to Capture https with fiddler, in java
Create a keystore containing the Fiddler certificate.
Use this keystore as the truststore for the JVM along with the proxy settings.
Here's how to do that:
- Export Fiddler's root certificate
Tools -> Fiddler Options... -> HTTPS -> Export Root Certificate to Desktop
- Create a keystore with this certificate
Open command line as administrator (keytool doesn't work otherwise)
<JDK_Home>\bin\keytool.exe -import -file C:\Users\<Username>\Desktop\FiddlerRoot.cer -keystore FiddlerKeystore -alias Fiddler
Enter a password when prompted. This should create a file called FiddlerKeystore.
- Now start the JVM with Fiddler as the proxy and this keystore as the truststore. You'll need these vmargs:
-DproxySet=true
-DproxyHost=127.0.0.1
-DproxyPort=8888
-Djavax.net.ssl.trustStore=<path\to\FiddlerKeystore>
-Djavax.net.ssl.trustStorePassword=<Keystore Password>
Use these vmargs in your eclipse run configuration and you should be good to go.
I'm able to capture HTTPS requests made from the JVM without any issues with this setup.
Maven: How to capture HTTPS traffic through Fiddler
Settings.xml in the .m2 folder needs to be configured with proxy against fiddler
<proxies>
<proxy>
<id>http</id>
<active>true</active>
<protocol>http</protocol>
<username/>
<password/>
<host>localhost</host>
<port>8888</port>
</proxy>
<proxy>
<id>https</id>
<active>true</active>
<protocol>https</protocol>
<username/>
<password/>
<host>localhost</host>
<port>8888</port>
</proxy>
</proxies>
The Fiddler certificate needs to be exported and added to jssecacerts in JAVA_HOME ($JAVA_HOME\jre\lib\security).
You create the fiddler certificate by using tools --> options -> https --> actions --> Export Root certificate to Desktop
Command to run (must be changed according to JAVA_HOME path):
"C:\Program Files\Java\jdk-11.0.1\bin\keytool" -importcert -file "<Your path to Fiddler certificate>\fiddler root.cert" -keystore "C:\Program Files\Java\jdk-11.0.1\lib\security\jssecacerts" -storepass changeit
Capturing HTTP traffic with Fiddler
Not an answer to the question, but I was able to get Wireshark working as an alternative to view the outbound traffic since it doesn't work as a proxy.
using fiddler with a java soap application call throws SunCertPathBuilderException
You need to provide fiddler`s certificate to your jvm keystore. here its explained how to Capture https with fiddler, in java
Related Topics
Junit - Run Set Up Method Once
How to Escape Reserved Words in Hibernate's Hql
How to Pass Parameter to Jsp:Include via C:Set? What Are the Scopes of the Variables in Jsp
Capturing Browser Logs with Selenium Webdriver Using Java
JSON - Iterate Through JSONarray
Is the in Relation in Cassandra Bad for Queries
Gc Overhead of Optional<T> in Java
Last Iteration of Enhanced for Loop in Java
How to Get a Token from a Lucene Tokenstream
Java Server with Multiclient Communication
Could Not Serialize Object Cause of Hibernateproxy
Prevent Swing Gui Locking Up During a Background Task
Permutation Algorithm Without Recursion? Java
What's the Difference Between Getrequesturi and Getpathinfo Methods in Httpservletrequest
Java.Net.Socketexception: Software Caused Connection Abort: Recv Failed
Read Rsa Private Key of Format Pkcs1 in Java
Is It Necessary to Close Each Nested Outputstream and Writer Separately
Intellij - Convert a Java Project/Module into a Maven Project/Module