The following diagram shows a Fiddler proxy (MITM) approach for decrypting HTTPS traffic from a remote machine.
For those unfamiliar, ProxyCap is a utility that allows users to define “proxy rules” on a per-application basis instead of setting a global machine-wide proxy on a computer.
The application I was trying to proxy through Fiddler displayed the following error:
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Additionally, the Fiddler proxy machine would pop up an error dialog as shown below:
Session #2: The server (*) presented a certificate that did not validate, because it was issued to a different host.
This warning can be disabled by clicking Tools > Fiddler Options.
In Fiddler, click Tools > Fiddler Options... and ensure Fiddler is set up to “allow remote computers to connect” as shown below:
Next, export the “root certificate” on the Fiddler proxy. Copy FiddlerRoot.cer to the remote machine. Right-click the FiddlerRoot.cer file on the remote machine and install the certificate. Be sure to install the certificate into the “Trusted Root Certification Authorities” store as shown below:
Last but not least, on the remote machine, be sure to define proxy rules with “Resolve names remotely” checked in ProxyCap rules. This setting avoids IP and certificate mismatches.
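Why “Resolve names remotely” matters, as an added example that is not part of the original post: a simplified Python model of an intercepting proxy that only knows the host named in the CONNECT request. The function names, the matching rules and the sample host, IP and certificate names are assumptions constructed for illustration, not Fiddler or ProxyCap code.

```python
# Simplified model (assumption) of an intercepting proxy: it only knows the
# host named in the client's CONNECT request, checks the upstream certificate
# against that name, and mints its own leaf certificate for that same name.
import ipaddress

def is_ip(name):
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False

def name_matches(cert_names, target):
    """Return True if target matches one of the certificate names.

    Exact match, or one leftmost wildcard label such as *.example.test.
    """
    target = target.lower()
    for name in cert_names:
        name = name.lower()
        if name == target:
            return True
        if name.startswith("*.") and not is_ip(target):
            # The wildcard covers exactly one label.
            head, _, rest = target.partition(".")
            if head and rest == name[2:]:
                return True
    return False

def simulate(app_host, resolved_ip, server_cert_names, resolve_remotely):
    # With remote resolution the proxy rule forwards the hostname; with local
    # resolution the proxy only ever sees the already-resolved IP address.
    connect_target = app_host if resolve_remotely else resolved_ip
    return {
        "connect_target": connect_target,
        # Proxy side: does the real server certificate fit the CONNECT target?
        "proxy_accepts_server": name_matches(server_cert_names, connect_target),
        # Client side: does the proxy-minted leaf fit the host the app wanted?
        "app_accepts_proxy": name_matches([connect_target], app_host),
    }

# Constructed sample values (example.test and 203.0.113.10 are reserved for docs).
SERVER_CERT = ["*.example.test"]
LOCAL = simulate("api.example.test", "203.0.113.10", SERVER_CERT, False)
REMOTE = simulate("api.example.test", "203.0.113.10", SERVER_CERT, True)

if __name__ == "__main__":
    print("resolve locally: ", LOCAL)
    print("resolve remotely:", REMOTE)
```

With local resolution both checks fail, which corresponds to the two errors shown earlier: the proxy sees a server certificate issued to a different host, and the application cannot establish trust with the proxy's certificate.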
And that’s all! Success!