Applies to: Centrify Identity Service for Mobile / SaaS / Office 365
Centrify Support has requested Fiddler traces from an iOS device. These are used for troubleshooting a range of issues, especially issues with authenticating to mobile applications.
How are these traces retrieved?
You will need a wireless network, iOS device, and a Windows machine with Fiddler installed. Fiddler is a tool for capturing web traffic.Configure the Windows/Fiddler host to capture traffic from the mobile device
Install the Fiddler root certificate on the Windows/Fiddler host to decrypt HTTPS traffic
- Download and install Fiddler and then open the application.
- Click Tools > Fiddler Options > Connections
- Click the checkbox to "Allow remote computers to connect".
- Restart Fiddler.
- Ensure your firewall allows incoming connections to the Fiddler process.
- Hover over the "Online indicator" at top right of the Fiddler toolbar to display the IP address(es) assigned to the Fiddler host machine.
- Note: Save this address for later use on the mobile device.
- Verify the iOS device can reach Fiddler by navigating in the browser to
- This address should return the Fiddler Echo Service page.
- Verify that Fiddler is capturing traffic by going to File > Capture Traffic. There should be a check mark.
- Note: After the root certificate is installed, all web traffic on the host machine will be decrypted and captured using Fiddler. Proceed with caution.
To capture traffic from an iOS device
- Download and install the Certificate Maker plugin for Fiddler.
- Restart Fiddler.
- Click Tools > Fiddler Options > HTTPS
- Click the "Decrypt HTTPS Traffic" box
- A warning box will appear to trust the Fiddler Root certificate. Click the Yes button.
- Another warning box will pop up asking to install the Fiddler Root certificate. Click the Yes button.
Install the Fiddler root certificate on iOS device to decrypt HTTPS traffic
- On the iOS device, disable any 3G/4G connections.
- Go to Settings > Wi-Fi
- Click on the Wi-Fi network to go to the settings.
- Note: The Wi-Fi network that the iOS device is on needs to be on the same network that the Fiddler host machine is on.
- Tap the "Manual" button in the HTTP Proxy section.
- In the Server box, type the IP address or hostname of the Fiddler instance (from Step 6 of the Windows machine configuration section).
- In the Port box, type the port Fiddler is listening on (Usually 8888)
- Ensure the Authentication slider is set to Off.
- Note: After the root certificate is installed, all web traffic on your iOS device will be decrypted and captured using Fiddler. Proceed with caution.
Reproduce the issue on the iOS device and capture the traffic
- Go to http://ipv4.fiddler:8888/ in the iOS browser.
- Download the FiddlerRoot certificate from the bottom of the Fiddler Echo Service webpage.
- Open the FiddlerRoot.cer file and tap the Install button.
- There will be a warning message. Click the Install button again.
- Reproduce the issue on the iOS device and the web traffic should now be seen being captured in Fiddler.
- After the issue has been captured, go to File > Save > All sessions...
- Send in the .saz file in to Centrify Support for further investigation.