Applies to: Centrify Identity Service for Mobile / SaaS / Office 365
Question:
Centrify Support has requested Fiddler traces from an iOS device. These are used for troubleshooting a range of issues, especially issues with authenticating to mobile applications.
How are these traces retrieved?
Answer:
You will need a wireless network, iOS device, and a Windows machine with Fiddler installed. Fiddler is a tool for capturing web traffic.
Configure the Windows/Fiddler host to capture traffic from the mobile device
- Download and install Fiddler and then open the application.
- Click Tools > Fiddler Options > Connections
- Click the checkbox to "Allow remote computers to connect".
-
- Restart Fiddler.
- Ensure your firewall allows incoming connections to the Fiddler process.
- Hover over the "Online indicator" at top right of the Fiddler toolbar to display the IP address(es) assigned to the Fiddler host machine.
- Note: Save this address for later use on the mobile device.
- Verify the iOS device can reach Fiddler by navigating in the browser to
- http://[IPAddressofFiddlerHostMachine]:8888
- This address should return the Fiddler Echo Service page.
- Verify that Fiddler is capturing traffic by going to File > Capture Traffic. There should be a check mark.
Install the Fiddler root certificate on the Windows/Fiddler host to decrypt HTTPS traffic
- Note: After the root certificate is installed, all web traffic on the host machine will be decrypted and captured using Fiddler. Proceed with caution.
- Download and install the Certificate Maker plugin for Fiddler.
- Restart Fiddler.
- Click Tools > Fiddler Options > HTTPS
- Click the "Decrypt HTTPS Traffic" box
- A warning box will appear to trust the Fiddler Root certificate. Click the Yes button.
- Another warning box will pop up asking to install the Fiddler Root certificate. Click the Yes button.
To capture traffic from an iOS device
- On the iOS device, disable any 3G/4G connections.
- Go to Settings > Wi-Fi
- Click on the Wi-Fi network to go to the settings.
- Note: The Wi-Fi network that the iOS device is on needs to be on the same network that the Fiddler host machine is on.
- Tap the "Manual" button in the HTTP Proxy section.
- In the Server box, type the IP address or hostname of the Fiddler instance (from Step 6 of the Windows machine configuration section).
- In the Port box, type the port Fiddler is listening on (Usually 8888)
- Ensure the Authentication slider is set to Off.
Install the Fiddler root certificate on iOS device to decrypt HTTPS traffic
- Note: After the root certificate is installed, all web traffic on your iOS device will be decrypted and captured using Fiddler. Proceed with caution.
- Go to http://ipv4.fiddler:8888/ in the iOS browser.
- Download the FiddlerRoot certificate from the bottom of the Fiddler Echo Service webpage.
- Open the FiddlerRoot.cer file and tap the Install button.
- There will be a warning message. Click the Install button again.
Note: On iOS 10 and later, after installing the FiddlerRoot certificate, go to
Settings ->
General ->
About ->
Certificate Trust Settings and manually enable full trust for the FiddlerRoot root certificate. Accept the dialog that says that this will allow a third-party to eavesdrop on all your communications.
Reproduce the issue on the iOS device and capture the traffic
- Reproduce the issue on the iOS device and the web traffic should now be seen being captured in Fiddler.
- After the issue has been captured, go to File > Save > All sessions...
- Send in the .saz file in to Centrify Support for further investigation.
KB-5474: How to capture network traffic from Mac devices using Fiddler